The first quarter of 2025, like previous ones, demonstrates a significant number of newly documented vulnerabilities.
The trend largely mirrors previous years, so we will focus on new data that can be collected for the most popular platforms. This report examines the characteristics of vulnerabilities in the Linux operating system and Microsoft software, specifically the Windows OS. Given that the Linux kernel developers have obtained the status of a CVE Numbering Authority (CNA) and they can independently assign CVE identifiers to newly discovered security issues, all information about vulnerabilities can now be obtained firsthand.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Lazarus Trojanized DeFi app for delivering malware
March 31, 2022
For the Lazarus threat actor, financial gain is one of the prime motivations, with a particular emphasis on the cryptocurrency business. As the price of cryptocurrency surges, and the popularity of non-fungible token (NFT) and decentralized finance (DeFi) businesses continues to swell, the Lazarus group’s targeting of the financial industry keeps evolving. We recently discovered a ...
- Meet BlackGuard: a new infostealer peddled on Russian hacker forums
March 31, 2022
Researchers have uncovered a new infostealer malware being peddled in Russian underground forums. Dubbed BlackGuard, zScaler says that the new malware strain is “sophisticated” and has been made available to criminal buyers for a monthly price of $200. Infostealers are forms of malware designed to harvest valuable data, potentially including operating system information, contact lists, screenshots, network ...
- Tracking cyber activity in Eastern Europe
March 30, 2022
In early March, Google’s Threat Analysis Group (TAG) published an update on the cyber activity it was tracking with regard to the war in Ukraine. Since our last update, TAG has observed a continuously growing number of threat actors using the war as a lure in phishing and malware campaigns. Government-backed actors from China, Iran, ...
- An In-Depth Look at ICS Vulnerabilities Part 1
March 30, 2022
Every year, vulnerabilities are discovered and registered to a Common Vulnerabilities and Exposures (CVE) ID by the MITRE Corporation. Each vulnerability’s details are recorded, and specialists also include how to mitigate them under their CVE ID. Vulnerabilities that can affect industrial control system (ICS) environments are identified to the public through advisories by the Industrial ...
- FBI: Ransomware Attacks Straining Local US Governments and Public Services
March 30, 2022
The FBI is informing Government Facilities Sector (GFS) partners of cyber actors conducting ransomware attacks on local government agencies that have resulted in disrupted operational services, risks to public safety, and financial losses. Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency ...
- Powerful cyber attack on Russia’s Civil Aviation Authority servers: no more data nor back-up
March 29, 2022
A powerful and effective cyberattack on the Russian Federal Air Transport Agency (Rosaviatsia) infrastructure that took place on Saturday morning has erased all documents, files, aircraft registration data and mails from the servers. In total, about 65 terabytes of data was erased. The news became known on Monday morning, the agency’s official website (favt.ru) went ...