Paul Pfeister

After DHS did not renew its funding contract for reasons unspecified, MITRE’s 25-year-old Common Vulnerabilities and Exposures (CVE) program was slated for an abrupt shutdown on April 16, which would have left security flaw tracking in limbo. CISA stepped in to provide a bridge. A CISA spokesperson sent CSO a statement saying, “The CVE Program is invaluable to cyber community and a priority of CISA. Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners’ and stakeholders’ patience.” Sources say the contract extension will last 11 months. Yosry Barsoum, vice president and director of the Center for Securing the Homeland at MITRE, commented: “Thanks to actions taken by the government, a break in service for the Common Vulnerabilities and Exposures (CVE®) Program and the Common Weakness Enumeration (CWE™) Program has been avoided. As of Wednesday morning, April 16, 2025, CISA identified incremental funding to keep the Programs operational. We appreciate the overwhelming support for these programs that have been expressed by the global cyber community, industry, and government over the last 24 hours. The government continues to make considerable efforts to support MITRE’s role in the program and MITRE remains committed to CVE and CWE as global resources.” https://lnkd.in/gPhB8vVQ

170

12 Comments

Are your database secrets secure? Security reports keep confirming it: Long-lived credentials like hardcoded secrets and shared API keys remain easy targets for threat actors. Teleport eliminates static and shared credentials. No API keys or stored passwords Use SSO, mTLS, and secure enclaves Tie all access back to real, organization-wide identity Learn more: https://lnkd.in/gWybDqvf

11

🚨 Critical Security Alert: Notepad++ Vulnerability (CVE-2025-49144) Just analyzed a fascinating privilege escalation flaw in Notepad++ v8.8.1 that demonstrates the critical importance of secure installation practices. This vulnerability showcases how seemingly minor oversights in executable search paths can lead to complete system compromise. ⚙️ Technical Analysis: The vulnerability exploits an uncontrolled EXE/DLL search path weakness in the installer. The root cause lies in this vulnerable code pattern: ExecWait 'regsvr32 /u /s "$INSTDIR\NppShell_01.dll"' The installer searches the current working directory before system paths, allowing attackers to plant malicious binaries (like a weaponized regsvr32.exe) in common download locations. 🛡️ Key Lessons for Developers and Defenders: ✅ Binary planting attacks remain a significant threat ✅ Installer security is just as vital as the app itself ✅ Always use absolute paths for critical binaries ✅ Validate and verify binaries before execution If you’re using Notepad++ v8.8.1 or earlier, update to v8.8.2 immediately and stay secure, stay updated! #CyberSecurity #InfoSec #CVE202549144 #NotepadPlusPlus #Vulnerability #SecureCoding #BinaryPlanting #WindowsSecurity  #TechUpdates #SecurityBestPractices

715

3 Comments

Zero-day exploits, dark web chatter, and active ICS attacks – Cyble’s latest vulnerability report uncovers 60+ high-risk threats, including Windows CLFS and Apache RCE flaws. Security teams must act fast to patch and protect. Read more: https://lnkd.in/dQ9MX3t6 #ZeroDay #CyberThreats #VulnerabilityManagement #CybleVision

9

Are #cybersecurity incidents growing more costly? Cyentia Institute's recent Information Risk Insights Study points to a 15-fold increase in the cost of #incidents and #databreaches over the last 15 years. The chart on the left shows the distribution of known/reported financial losses from incidents across the time period of study. The typical (median) incident costs about $600K, while more extreme (95th percentile) losses swell to $32M. Note that the chart uses a log scale, so the tail of large losses is a lot longer than it appears. The chart on the right trends the escalating costs of cyber events over time. Median losses from a security incident have absolutely exploded over the last 15 years, rising 15-fold from $190K to almost $3 million! The cost of extreme events has also risen substantially (~5x). So, yeah—cyber events are definitely growing more costly. That said, this picture looks a lot different among different types and sizes of organizations. How are cyber losses trending for orgs like yours? Download the full IRIS 2025 to find out! Link in the comments.

102

15 Comments

Most people rely on Google. Cybersecurity pros use these 30 search engines instead. These engines aren’t just powerful they’re essential. They uncover exploits, leaked data, open buckets, and live threats in seconds ✅Alien Vault – Threat intel feed for deep research ✅Binary Edge – Internet-wide scan data ✅Censys – Discover internet-facing assets ✅crt.sh – Search SSL certs across domains ✅Dehashed – View leaked credentials ✅DNS Dumpster – DNS recon made simple ✅DorkSearch – Fast Google dorking ✅Exploit Database – Archive of real-world exploits ✅FOFA – Scan threat intelligence at scale ✅FullHunt – Surface attack assets ✅grep.app – Search across public git repos ✅Grayhat Warfare – Open S3 bucket search ✅GreyNoise – Filter noise, spot real threats ✅Hunter.io – Find domain-associated emails ✅IntelligenceX – Search dark web, Tor, data leaks ✅LeakIX – Public indexed leaks ✅NetLas – Asset monitoring and discovery ✅Onyphe – Cyber threat data collection ✅Packet Storm – Latest exploits and vulnerabilities ✅Polyswarm – File/URL threat scanning ✅PublicWWW – Code + affiliate tag discovery ✅Pulsedive – Threat intel search engine ✅searchcode – Search 75B+ lines of code ✅SecurityTrails – Rich DNS history + domain intel ✅Shodan – Internet-connected device search ✅urlscan.io – Website scanning service ✅Vulners – Vulnerability database ✅Wayback Machine – View deleted web content ✅wiggle – Wireless network database ✅ZoomEye – Asset reconnaissance engine

81

3 Comments