network defense

CISA and a coalition of U.S. and international partners this week published a practical playbook aimed at choking off a persistent enabler of organized cybercrime: bulletproof hosting (BPH) providers that knowingly lease infrastructure to threat actors and ignore abuse takedowns. The new...

Microsoft Edge's experimental Scareware Blocker is graduating from a single-user popup interrupter to a broader, system-strengthening feature that can block scam sites and — in the Canary channel — optionally share detected scam links and classifications with Microsoft’s Defender SmartScreen...

A critical security vulnerability, identified as CVE-2025-49691, has been discovered in Windows Miracast Wireless Display, posing significant risks to users. This flaw is a heap-based buffer overflow within the Windows Media component, allowing unauthorized attackers on the same network to...

A critical security vulnerability, identified as CVE-2025-48817, has been discovered in Microsoft's Remote Desktop Client, posing significant risks to users and organizations worldwide. This flaw allows unauthorized attackers to execute arbitrary code over a network by exploiting a relative path...

Windows Routing and Remote Access Service (RRAS) has long been relied upon for powering remote connectivity and VPN solutions across enterprise, education, and government networks. But in a new security advisory, CVE-2025-49671, Microsoft has detailed a significant information disclosure...

The digital landscape was shaken recently when Cloudflare, a web infrastructure and security firm protecting many of the internet’s busiest destinations, reported successfully mitigating the largest distributed denial-of-service (DDoS) attack ever documented. At its peak, the attack surged to...

CVE-2025-33066 is a critical vulnerability identified in the Windows Routing and Remote Access Service (RRAS), characterized by a heap-based buffer overflow. This flaw allows unauthorized attackers to execute arbitrary code over a network, posing significant security risks. Technical Details...

Authentication coercion attacks have emerged as a formidable and evolving threat to enterprise networks leveraging Windows infrastructure. Despite significant advances in native Microsoft security controls, even low-privileged domain accounts can still exercise a range of techniques to force...

When it comes to the backbone of modern automated manufacturing, the stability and resilience of programmable logic controllers (PLCs) like the Mitsubishi Electric MELSEC iQ-F Series can no longer be taken for granted. Recent vulnerability disclosures have brought into sharp relief just how...

The global scale and sophistication of cybercrime reached new heights with the recent crackdown on the notorious Lumma malware network, as revealed by Microsoft in partnership with law enforcement agencies worldwide. For many Windows users and enterprises, this revelation isn’t just another...

In a rapidly evolving threat landscape, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) continues its vigilant effort to safeguard the federal enterprise and private-sector organizations by maintaining a dynamic repository known as the Known Exploited Vulnerabilities (KEV)...

When organizations rely on Windows infrastructure for their networks, few components matter as much as those facilitating remote access. One of the key pillars in this domain is the Windows Routing and Remote Access Service (RRAS), a longstanding element enabling features such as VPN, dial-up...

In the rapidly evolving landscape of enterprise cybersecurity, even advanced solutions like Microsoft Defender for Identity (MDI) are not immune to serious flaws. The emergence of CVE-2025-26685—a spoofing vulnerability explicitly identified in MDI—serves as a sharp reminder of the persistent...

Remote Desktop Gateway (RD Gateway) serves as a vital entry point for secure, remote access to Windows environments, widely implemented by enterprises and service providers alike. Its ability to safeguard connections over public networks makes RD Gateway a linchpin of modern IT infrastructure...

The recent discovery of CVE-2025-30394—a denial of service vulnerability in Microsoft Windows Remote Desktop Gateway (RD Gateway)—has sent ripples through IT departments and security circles worldwide. With enterprises increasingly relying on RD Gateway to facilitate secure remote access...

The ever-evolving landscape of industrial cybersecurity has again been put to the test, this time by the discovery of a significant vulnerability in the Milesight UG65-868M-EA industrial gateway. Identified as CVE-2025-4043, this flaw has broad implications across critical infrastructure sectors...

A surge of concern has swept through IT and cybersecurity circles following the disclosure of a critical zero-click vulnerability in Microsoft’s Windows Deployment Services (WDS) platform. Unlike more intricate bugs that require a sophisticated attacker or privileged access, this flaw enables...

Fast flux represents one of the more elusive and dangerous tactics in the cyber threat landscape—an ever-shifting target that challenges traditional defenses and tests the resilience of network security. In today’s interconnected world, fast flux techniques have emerged as critical...

Original release date: August 31, 2021 Summary Immediate Actions You Can Take Now to Protect Against Ransomware • Make an offline backup of your data. • Do not click on Link Removed. • If you use RDP, secure and monitor it. • Link Removed your OS and software. • Use Link Removed. • Use Link...

Original release date: July 19, 2021 Summary This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source...