• This week in cybersecurity from the editors at Cybercrime Magazine

    Sausalito, Calif. – Dec. 10, 2025

    If you’re in the cybersecurity field working anywhere in Europe, then there’s a good chance that you’re in London this week at the Black Hat Conference.

    Black Hat, the cybersecurity industry’s most established and in-depth security event series, announced the appointment of Suzy Pallett, who is based in the U.K., as the brand’s new President on Sep. 1.

    In this episode on the Cybercrime Magazine Podcast, Pallett joins host Amanda Glassner to discuss her new position, the conference’s storied history in the cybersecurity community, and more, including events in the U.S., Canada, Middle East and Africa, Asia, and Europe.

    Pallett brings over 20 years of experience across global B2B and B2C events, most recently serving as Executive Vice President, Europe and Middle East at Money20/20, the world’s leading global FinTech event series. Pallett will be focused on accelerating the growth of Black Hat’s global events, working closely with the community to ensure a smooth transition and continued excellence.

    Cybercrime Magazine is a Media Partner for the Black Hat USA and Europe conferences in 2025.

    The post Black Hat Welcomes Suzy Pallett as New Brand President appeared first on Cybercrime Magazine.


  • Three security vulnerabilities have been disclosed in the Peripheral Component Interconnect Express (PCIe) Integrity and Data Encryption (IDE) protocol specification that could expose a local attacker to serious risks. The flaws impact PCIe Base Specification Revision 5.0 and onwards in the protocol mechanism introduced by the IDE Engineering Change Notice (ECN), according to the PCI Special


  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw impacting the WinRAR file archiver and compression utility to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-6218 (CVSS score: 7.8), is a path traversal bug that could enable code execution. However, for exploitation


  • Cloud security is changing. Attackers are no longer just breaking down the door; they are finding unlocked windows in your configurations, your identities, and your code. Standard security tools often miss these threats because they look like normal activity. To stop them, you need to see exactly how these attacks happen in the real world. Next week, the Cortex Cloud team at Palo Alto Networks


  • Microsoft closed out 2025 with patches for 56 security flaws in various products across the Windows platform, including one vulnerability that has been actively exploited in the wild. Of the 56 flaws, three are rated Critical, and 53 are rated Important in severity. Two other defects are listed as publicly known at the time of the release. These include 29 privilege escalation, 18 remote code


  • Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution. The Fortinet vulnerabilities affect FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager and relate to a case of improper verification of a cryptographic signature. They are tracked as CVE-2025-59718 and


  • Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already being exploited, as well as two publicly disclosed vulnerabilities.

    Despite releasing a lower-than-normal number of security updates these past few months, Microsoft patched a whopping 1,129 vulnerabilities in 2025, an 11.9% increase from 2024. According to Satnam Narang at Tenable, this year marks the second consecutive year that Microsoft patched over one thousand vulnerabilities, and the third time it has done so since its inception.

    The zero-day flaw patched today is CVE-2025-62221, a privilege escalation vulnerability affecting Windows 10 and later editions. The weakness resides in a component called the “Windows Cloud Files Mini Filter Driver” — a system driver that enables cloud applications to access file system functionalities.

    “This is particularly concerning, as the mini filter is integral to services like OneDrive, Google Drive, and iCloud, and remains a core Windows component, even if none of those apps were installed,” said Adam Barnett, lead software engineer at Rapid7.

    Only three of the flaws patched today earned Microsoft’s most-dire “critical” rating: Both CVE-2025-62554 and CVE-2025-62557 involve Microsoft Office, and both can be exploited merely by viewing a booby-trapped email message in the Preview Pane. Another critical bug — CVE-2025-62562 — involves Microsoft Outlook, although Redmond says the Preview Pane is not an attack vector with this one.

    But according to Microsoft, the vulnerabilities most likely to be exploited from this month’s patch batch are other (non-critical) privilege escalation bugs, including:

    • CVE-2025-62458 — Win32k
    • CVE-2025-62470 — Windows Common Log File System Driver
    • CVE-2025-62472 — Windows Remote Access Connection Manager
    • CVE-2025-59516 — Windows Storage VSP Driver
    • CVE-2025-59517 — Windows Storage VSP Driver

    Kev Breen, senior director of threat research at Immersive, said privilege escalation flaws are observed in almost every incident involving host compromises.

    “We don’t know why Microsoft has marked these specifically as more likely, but the majority of these components have historically been exploited in the wild or have enough technical detail on previous CVEs that it would be easier for threat actors to weaponize these,” Breen said. “Either way, while not actively being exploited, these should be patched sooner rather than later.”

    One of the more interesting vulnerabilities patched this month is CVE-2025-64671, a remote code execution flaw in the GitHub Copilot Plugin for JetBrains AI-based coding assistant that is used by Microsoft and GitHub. Breen said this flaw would allow attackers to execute arbitrary code by tricking the large language model (LLM) into running commands that bypass the user’s “auto-approve” settings.

    CVE-2025-64671 is part of a broader, more systemic security crisis that security researcher Ari Marzuk has branded IDEsaster (IDE stands for “integrated development environment”), which encompasses more than 30 separate vulnerabilities reported in nearly a dozen market-leading AI coding platforms, including Cursor, Windsurf, Gemini CLI, and Claude Code.

    The other publicly-disclosed vulnerability patched today is CVE-2025-54100, a remote code execution bug in Windows PowerShell on Windows Server 2008 and later that allows an unauthenticated attacker to run code in the security context of the user.

    For anyone seeking a more granular breakdown of the security updates Microsoft pushed today, check out the roundup at the SANS Internet Storm Center. As always, please leave a note in the comments if you experience problems applying any of this month’s Windows patches.


  • Congress is committing to only a fraction of the funding necessary for the Navy’s F/A-XX program in the latest version of the defense policy bill, while fully backing the development of the Air Force’s F-47 fighter.

    The compromise version of the 2026 National Defense Authorization Act released late Sunday evening contains roughly $2.6 billion for the Air Force’s F-47 program, and just $74 million to develop the Navy’s unnamed sixth-generation fighter jet. The numbers appear to reflect a White House and Pentagon victory over lawmakers who pushed to get the long-proposed replacement for the F/A-18 Super Hornet and F/A-18 electronic-warfare jet onto the drawing board this year. 

    “We did make a strategic decision to go all in on F-47…due to our belief that the industrial base can only handle going fast on one program at this time, and the presidential priority to go all in on F-47 and get that program right while maintaining the option for F/A-XX in the future,” a U.S. defense official told reporters during a June budget rollout. 

    The F/A-XX will receive less than 1 percent of the $38 billion that the NDAA would authorize to develop, buy, and upgrade military aircraft, according to the House majority’s summary of the bill. Still, the 2026 appropriations bill has yet to emerge, the reconciliation bill might add funds, and the program might also, as it has in the past, receive funds through classified accounts.

    A House Armed Services Committee spokesperson did not immediately respond to a request for clarification regarding the total amount of funding for the program.

    In March, the Navy reportedly came close to choosing Boeing or Northrop Grumman to make the future aircraft. But no announcement was made, and the service requested only $74 million for 2026, far less than the $454 million the service received last year.

    Defense Secretary Pete Hegseth has echoed the White House’s concerns about pursuing the Navy’s future fighter, reportedly telling lawmakers in a November letter that the Pentagon “strongly supports its original fiscal 2026 request reevaluating the F/A-XX program due to industrial base concerns of two sixth-generation programs occurring simultaneously.”

    Several lawmakers, including Sen. Mitch McConnell, R-Ky., have been vocal about their desire to keep the program moving.

    “Pentagon dithering over the Navy’s sixth-generation fighter, the F/A-XX, has delayed its development and led to hundreds of millions in contract-extension costs,” McConnell wrote last week in a Wall Street Journal opinion piece. “If the department made a decision, Mr. Trump could launch a program that ensures the aircraft carrier remains America’s premier power-projection platform for decades.”

    The final funding amount for the Navy’s future fighter is still up in the air. In July, the House passed its version of the 2026 defense appropriations bill with $972 million for the F/A-XX. 

    “The Committee understands the Navy’s requirement for a sixth-generation fighter remains unchanged and emphatically notes that the Air Force’s F-47 program is not interchangeable with Navy’s carrier-capable program,” House appropriators wrote, adding that “both programs are necessary parts of the future joint fight and failure to pursue Navy’s F/A-XX program risks leaving the U.S. dangerously outmatched in a high-end conflict.”

    Reconciliation funding passed that same month included $750 million to “accelerate the FA/XX aircraft.” The full Senate has yet to vote on its version of the appropriations bill, which includes $1.4 billion for it.

    The Senate version of the authorization bill reportedly included $500 million for F/A-XX through a special access program known as “Link Plumeria,” which has been previously tied to the Navy’s next-generation fighter efforts. The compromise NDAA identified $377 million for “Link Plumeria.”

    As for the F-47: lawmakers are funding it but still want answers to basic questions.

    The compromise NDAA requests a report on the F-47 program with details about “projected costs, schedule, and funding requirements” through 2034. Lawmakers are also requesting details on the estimated force structure requirements, strategic basing considerations, construction costs, personnel training requirements, and a strategy for integrating Air National Guard and Air Force Reserve units into the future fighter’s operations. 

    The Air Force Secretary must provide those findings by March 1, 2027. The jet is expected to make its first flight in 2028.


  • Updated on Dec. 10.

    With its calls for “strong, traditional families” and the “reinvigoration of American spiritual and cultural health,” the latest National Security Strategy is a major departure not only from its immediate predecessor, but even the first Trump administration’s.

    A longer version of the NSS that circulated before the White House published the unclassified version late Thursday night shares the main points: competition with China, withdrawal from Europe’s defense, a new focus on the Western Hemisphere. But the unpublished version also proposes new vehicles for leadership on the world stage and a different way to put its thumb on the scales of Europe’s future—through its cultural values.

    Here are some takeaways from the unpublished version, which was reviewed by Defense One.

    “Make Europe Great Again”

    While the publicly released NSS calls for the end of a “perpetually expanding NATO,” the full version goes more into the details of how the Trump administration would like to—quote—“Make Europe Great Again,” even as it calls on European NATO members to wean themselves from American military support.

    Working from the premise that Europe is facing “civilizational erasure” because of its immigration policies and “censorship of free speech,” the NSS proposes to focus U.S. relationships with European countries on a few nations with like-minded—right-wing, presumably—current administrations and movements.

    Austria, Hungary, Italy, and Poland are listed as countries the U.S. should “work more with…with the goal of pulling them away from the [European Union].”

    “And we should support parties, movements, and intellectual and cultural figures who seek sovereignty and preservation/restoration of traditional European ways of life…while remaining pro-American,” the document says.

    The C5

    Over the summer, President Trump made headlines when he lamented the expulsion of Russia from the Group of Eight—now the Group of Seven—as a “very big mistake.” He even suggested that he’d like to see China added to form a “G9.”

    His national security strategy proposes taking this a step further, creating a new body of major powers, one that isn’t hemmed in by the G7’s requirements that the countries be both wealthy and democratically governed.

    The strategy proposes a “Core 5,” or C5, made up of the U.S., China, Russia, India and Japan—which are several of the countries with more than 100 million people. It would meet regularly, as the G7 does, for summits with specific themes.

    First on the C5’s proposed agenda: Middle East security—specifically, normalizing relations between Israel and Saudi Arabia. 

    “Hegemony wasn’t achievable”

    The full NSS also spends some time discussing the “failure” of American hegemony, a term that isn’t mentioned in the publicly released version.

    “Hegemony is the wrong thing to want and it wasn’t achievable,” according to the document. 

    In this context, hegemony refers to the leadership by one country of the world, using soft power to encourage other countries to consent to being led. 

    “After the end of the Cold War, American foreign policy elites convinced themselves that permanent American domination of the entire world was in the best interests of our country,” the NSS states. “Yet the affairs of other countries are our concern only if their activities directly threaten our interests.”

    The administration appears to be using this reasoning to bow out of the U.S.’s role in defending Europe, while turning its attention to Venezuela-based drug cartels.

    “The Trump administration inherited a world in which the guns of war have shattered the peace and stability of many countries on many continents,” the NSS reads. “We have a natural interest in ameliorating this crisis.”

    The document says it shouldn’t be up to the United States to do it all alone—but also, China and Russia should not be allowed to replace U.S. leadership. The strategy suggests partnering with “regional champions” to help maintain stability.

    “We will reward and encourage the region’s governments, political parties, and movements broadly aligned with our principles and strategy,” according to the document. “But we must not overlook governments with different outlooks with whom we nonetheless share interests and who want to work with us.”

    After this story was published, the White House denied the existence of any version of the National Security Strategy other than the one published online.

    “No alternative, private, or classified version exists,” spokeswoman Anna Kelly told Defense One. “President Trump is transparent and put his signature on one NSS that clearly instructs the U.S. government to execute on his defined principles and priorities.”

    Kelly then added that “any other so-called ‘versions’ are leaked by people distant from the President who, like this ‘reporter,’ have no idea what they are talking about.”


  • Threat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical React2Shell security flaw in React Server Components (RSC) to deliver a previously undocumented remote access trojan dubbed EtherRAT. “EtherRAT leverages Ethereum smart contracts for command-and-control (C2) resolution, deploys five independent Linux persistence mechanisms, and
