The first quarter of 2025, like previous ones, demonstrates a significant number of newly documented vulnerabilities.
The trend largely mirrors previous years, so we will focus on new data that can be collected for the most popular platforms. This report examines the characteristics of vulnerabilities in the Linux operating system and Microsoft software, specifically the Windows OS. Given that the Linux kernel developers have obtained the status of a CVE Numbering Authority (CNA) and they can independently assign CVE identifiers to newly discovered security issues, all information about vulnerabilities can now be obtained firsthand.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Trello From the Other Side: Tracking APT29 Phishing Campaigns
April 28, 2022
Since early 2021, Mandiant has been tracking extensive APT29 phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia. This blog post discusses our recent observations related to the identification of two new malware families in 2022, BEATDROP and BOOMMIC, as well as APT29’s efforts to evade detection through retooling and abuse of Atlassian’s ...
- Assembling the Russian Nesting Doll: UNC2452 Merged into APT29
April 27, 2022
Mandiant has gathered sufficient evidence to assess that the activity tracked as UNC2452, the group name used to track the SolarWinds compromise in December 2020, is attributable to APT29. This conclusion matches attribution statements previously made by the U.S. Government that the SolarWinds supply chain compromise was conducted by APT29, a Russia-based espionage group assessed to ...
- New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware
April 27, 2022
Trend Micro researchers recently discovered a new advanced persistent threat (APT) group that they have dubbed Earth Berberoka (aka GamblingPuppet). Based on their analysis, this group targets gambling websites. Trend Micro’s investigation has also uncovered that Earth Berberoka targets the Windows, Linux, and macOS platforms, and uses malware families that have been historically attributed to ...
- APT trends report Q1 2022
April 27, 2022
For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They are ...
- 2021 Top Routinely Exploited Vulnerabilities
April 27, 2022
CISA, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), the Australian Cyber Security Centre (ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NZ NCSC), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have released a joint Cybersecurity Advisory that provides details on the top ...
- DDoS attacks in Q1 2022
April 25, 2022
he DDoS landscape in Q1 2022 was shaped by the ongoing conflict between Russia and Ukraine: a significant part of all DDoS-related news concerned these countries. In mid-January, the website of Kyiv Mayor Vitali Klitschko was hit by a DDoS attack, and the websites of a number of Ukrainian ministries were defaced. In mid-February, DDoS ...