Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)
The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations.
Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)
For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to elevate privileges over a network as part of a BadSuccessor attack.
AWS CISO explains how cloud-native security scales with your business
In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud.
Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)
Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers.
From legacy to SaaS: Why complexity is the enemy of enterprise security
In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security.
Croatian research institute confirms ransomware attack via ToolShell vulnerabilities
The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolShell” vulnerabilities.
How military leadership prepares veterans for cybersecurity success
In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans with the mindset, resilience, and strategic thinking needed to excel in cybersecurity.
Open-source flow monitoring with SENSOR: Benefits and trade-offs
Flow monitoring tools are useful for tracking traffic patterns, planning capacity, and spotting threats. But many off-the-shelf solutions come with steep licensing costs and hardware demands, especially if you want to process every packet.
Brute-force attacks hammer Fortinet devices worldwide
A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices.
Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)
Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild.
APT groups are getting personal, and CISOs should be concerned
Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets.
Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)
FortiGuard Labs has reported a dramatic spike in exploitation attempts targeting CitrixBleed 2, a critical buffer over‑read flaw (CVE‑2025‑5777) affecting Citrix NetScaler ADC (Application Delivery Controller) and Gateway devices.
AI security governance converts disorder into deliberate innovation
AI influences more than just technology, encompassing hiring practices, policy choices, ethical standards, brand positioning, and leadership strategy. That’s why governance needs to span functions and bring together varied stakeholders.
Win-DDoS: Attackers can turn public domain controllers into DDoS agents
SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one one of which (CVE-2025-32724) can also be leveraged to force public DCs to participate in distributed denial-of-service (DDoS) attacks.
How Brandolini’s law informs our everyday infosec reality
Brandolini’s law casts a long shadow over everything we do, from fighting social engineering to dissecting threat intel and even trying to make sense of the very tools we rely on.
Pentesting is now central to CISO strategy
Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems.
What makes a security program mature and how to get there faster
Security leaders are flush with tools and data, but it’s not helping their programs mature. In this Help Net Security video, PlexTrac’s Dan DeCloss outlines the 3 key gaps holding security programs back and what sets mature programs apart.
NIST finalizes lightweight cryptography standard for small devices
The National Institute of Standards and Technology (NIST) has finalized a lightweight cryptography standard to protect even the smallest networked devices from cyberattacks.
Why DNS threats should be on every CISO’s radar in 2025
DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox, attackers are changing tactics, and enterprises are feeling the pressure.
Breaches are up, budgets are too, so why isn’t healthcare safer?
A new report from Resilience outlines a growing cyber crisis in the U.S. healthcare sector, where ransomware attacks, vendor compromise, and human error continue to cause widespread disruption.
Fighting fraud with AI: The new identity security playbook
In this Help Net Security video, Hal Lonas, CTO at Trulioo, talks about the rise of synthetic identity fraud and how it’s quickly becoming one of the biggest threats in financial crime.
EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations
EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues.
Free courses: Master AI tools from Microsoft, AWS, and Google
Learn how AI technologies can be applied to enhance security, create safe and responsible applications, develop intelligent agents, and improve information discovery.
Cybersecurity jobs available right now: August 12, 2025
We’ve scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
Product showcase: Apricorn Aegis NVX, a high-security, portable SSD
The Apricorn Aegis NVX is a hardware-based 256-Bit AES XTS external SSD drive with integrated USB-C cable. Its storage capacities range from 500GB to 2TB. The device is OS free and cross-platform compatible.
New infosec products of the week: August 15, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Brivo, Envoy, Prove, Rubrik, and Trellix.
Source link
