news
Security Leftovers
-
Pen Test Partners ☛ The logs you’ll wish you had configured if (when) you are breached…
When responding to an incident, logs provide a vital record of events within a system and serve as a critical source of evidence during an incident investigation. They help identify what happened, where, when, and by whom.
-
Security Week ☛ Gladinet Patches Exploited CentreStack Vulnerability
The unauthenticated local file inclusion bug allows attackers to retrieve the machine key and execute code remotely via a ViewState deserialization issue.
-
Security Week ☛ Vulnerabilities Allow Disruption of Phoenix Contact UPS Devices
An attacker can exploit the flaws to put devices into a permanent DoS condition that prevents remote restoration.
-
Security Week ☛ Prosper Data Breach Impacts 17.6 Million Accounts
Hackers stole names, addresses, dates of birth, email addresses, Social Security numbers, government IDs, and other information.
-
Security Week ☛ Hackers Steal Sensitive Data From Auction House Sotheby’s
Sotheby's has disclosed a data breach impacting personal information, including SSNs.
-
Security Week ☛ Over $3 Million in Prizes Offered at Pwn2Own Automotive 2026
Set for January 2026 at Automotive World in Tokyo, the contest will have six categories, including Tesla, infotainment systems, EV chargers, and automotive OSes.
-
Security Week ☛ In Other News: CrowdStrike Vulnerabilities, CISA Layoffs, Mango Data Breach
Other noteworthy stories that might have slipped under the radar: Capita fined £14 million, ICTBroadcast vulnerability exploited, Spyware maker NSO acquired.
-
Windows TCO / Windows Bot Nets
-
Security Week ☛ ‘Highest Ever’ Severity Score Assigned by Abusive Monopolist Microsoft to ASP.NET Core Vulnerability
CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes.
-