InfoSec News 20250722

  • Publicado: Ter, 22/07/2025 - 15:17

Top News

  • Microsoft: Windows Server KB5062557 causes cluster, VM issues

"Microsoft is asking businesses to reach out for support to mitigate a known issue causing Cluster service and VM restart issues after installing this month's Windows Server 2019 security updates."

Link

TLP1 : Green

  • Intel announces end of Clear Linux OS project, archives GitHub repos

"The Clear Linux OS team has announced the shutdown of the project, marking the end of its 10-year existence in the open-source ecosystem."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism

  • Microsoft Sharepoint ToolShell attacks linked to Chinese hackers

"Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain."

Link

TLP1 : Green

  • UK Sanctions Russian Hackers Tied to Assassination Attempts

"The UK government has sanctioned three Russian APTs and 18 individuals for their involvement in cyber operations against Ukraine, NATO allies, and EU."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks

  • Dior begins sending data breach notifications to U.S. customers

"The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days,Patches and Exploits

  • ExpressVPN bug leaked user IPs in Remote Desktop sessions

"ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual private network (VPN) tunnel, exposing the users' real IP addresses."

Link

TLP1 : Green

  • ISC BIND security advisory (AV25-440)

"On July 16, 2025, the Internet Systems Consortium (ISC) published security advisories addressing two vulnerabilities in ISC BIND 9. These issues affect multiple versions of BIND 9, and users are strongly encouraged to apply the necessary updates."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling

  • This course deal is an affordable way to get started in cybersecurity

"Ethical hacking isn’t just about curiosity and clever coding. It’s about understanding how systems break so you can help build stronger ones."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography

  • Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief

"Unit 42 is tracking high-impact, ongoing threat activity targeting on-premises Microsoft SharePoint servers. While cloud environments remain unaffected, on-premises SharePoint deployments — particularly within government, schools, healthcare (including hospitals) and large enterprise companies — are at immediate risk."

Link

TLP1 : Green

 

 

1Traffic Light Protocol (TLP) [1] for information sharing:

 

 

  • Red:Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants organizations.
  • Green: Limited disclosure, restricted to the community.

 

[1]https://www.first.org/tlp

Infosec News