The first quarter of 2025, like previous ones, demonstrates a significant number of newly documented vulnerabilities.
The trend largely mirrors previous years, so we will focus on new data that can be collected for the most popular platforms. This report examines the characteristics of vulnerabilities in the Linux operating system and Microsoft software, specifically the Windows OS. Given that the Linux kernel developers have obtained the status of a CVE Numbering Authority (CNA) and they can independently assign CVE identifiers to newly discovered security issues, all information about vulnerabilities can now be obtained firsthand.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- REvil resurrected? Ransomware crew appears to be back. Keyword: Appears
April 22, 2022
The notorious REvil ransomware gang appears to have returned from the bowels of the dark web, three months after the arrest of 14 of its suspected members, with its old website forwarding to a new operation that lists both previous and fresh victims. Back in January, Russia said it dismantled the crime ring’s networks and raided ...
- Critical bug in Android could allow access to users’ media files
April 21, 2022
Security analysts have found that Android devices running on Qualcomm and MediaTek chipsets were vulnerable to remote code execution due to a flaw in the implementation of the Apple Lossless Audio Codec (ALAC). ALAC is an audio coding format for lossless audio compression that Apple open-sourced in 2011. Since then, the company has been releasing updates ...
- FBI: Ransomware Attacks on Agricultural Cooperatives Potentially Timed to Critical Seasons
April 20, 2022
The Federal Bureau of Investigation (FBI) is informing Food and Agriculture (FA) sector partners that ransomware actors may be more likely to attack agricultural cooperatives during critical planting and harvest seasons, disrupting operations, causing financial loss, and negatively impacting the food supply chain. The FBI noted ransomware attacks during these seasons against six grain cooperatives during ...
- Oracle’s quarterly Critical Patch Update arrives with 520 fixes
April 20, 2022
Enterprise software giant Oracle has released its April Critical Patch Update (CPU) advisory, which includes 520 fixes for security flaws. Critical Patch Updates are collections of security fixes for Oracle products, published quarterly. This update addresses security flaws in dozens of products with three bugs getting a severity rating of 10 out of a possible 10, ...
- Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers
April 20, 2022
Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident’s impact was significantly smaller than expected. Based on the final forensic report, Okta’s Chief Security Officer David Bradbury said the attacker only accessed the two active customer tenants after gaining control of a single workstation used by an engineer ...
- FBI: BlackCat/ALPHV Ransomware Indicators of Compromise
April 20, 2022
This FLASH is part of a series of FBI reports to disseminate known indicators of compromise (IOCs) and tactics, techniques and procedures (TTPs) associated with ransomware variants identified through FBI investigations. As of March 2022, BlackCat/ALPHV ransomware as a service (RaaS) had compromised at least 60 entities worldwide and is the first ransomware group to do ...