Triofox and the key to disaster. [Research Saturday]
CyberWire Daily31 Touko 2025

Triofox and the key to disaster. [Research Saturday]

This week, we are joined by John Hammond, Principal Security Researcher at Huntress, who is sharing his PoC and research on "CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild." A critical 9.0 severity vulnerability (CVE-2025-30406) in Gladinet CentreStack and Triofox is being actively exploited in the wild, allowing remote code execution via hardcoded cryptographic keys in default configuration files. Huntress researchers observed compromises at multiple organizations and confirmed hundreds of vulnerable internet-exposed servers, urging immediate patching or manual machineKey updates. Mitigation guidance, detection, and remediation scripts have been released to help users identify and secure affected installations. The research can be found here: ⁠CVE-2025-30406 - Critical Gladinet CentreStack & Triofox Vulnerability Exploited In The Wild Learn more about your ad choices. Visit megaphone.fm/adchoices

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(3654)

Meta’s recovery plan needed recovery.

Meta’s recovery plan needed recovery.

Meta exposes 20,000 Instagram accounts through a support tool bug. CISA warns of active attacks on SolarWinds Serv-U. WordPress sites face takeover through a widely used plugin. A new Gafgyt variant b...

8 Kesä 28min

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing]

Spoofing ships, jamming drones: how GPS manipulation confuses and compromises. [T-Minus: Space-Cyber Briefing]

GPS constellations have become foundational in modern society supporting everything from navigation to financial services, making the impacts of GPS disruptions all the more concerning. As reliance o...

7 Kesä 26min

You've been muted...permanently. [Research Saturday]

You've been muted...permanently. [Research Saturday]

Ismael Valenzuela, Arctic Wolf’s VP of Labs, Threat Research and Intelligence, discusses their work on "BlueNoroff Uses ClickFix, Fileless PowerShell, and AI-Generated Fake Zoom Meetings to Target Web...

6 Kesä 21min

The NSA gets an AI upgrade.

The NSA gets an AI upgrade.

Anthropic brings Mythos to the NSA. A Palantir executive emerges as a possible CISA pick. A Linux flaw is under active attack. Minecraft malware goes commercial. An npm package gets caught in the Mias...

5 Kesä 31min

Not every headhunter is hiring.

Not every headhunter is hiring.

The Five Eyes issue a rare joint warning on China. Jen Easterly weighs in on Trump’s AI EO. Researchers warn everyday notifications can become AI attack vectors. IronWorm is a sophisticated Rust-based...

4 Kesä 30min

The AI race gets a referee.

The AI race gets a referee.

AI oversight arrives at the White House. A Cyber Force gains momentum. Critical infrastructure comes under cyberattack. Acer faces zero-day trouble. A stock exchange executive gets spied on for months...

3 Kesä 31min

The bugs are piling up faster than the fixes.

The bugs are piling up faster than the fixes.

A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Stea...

2 Kesä 30min

AI joins the chain of command.

AI joins the chain of command.

Battlefield AI sparks debate. Election cyber threats rise. A critical Windows flaw is under active attack. CISA weighs new reporting rules. Russian targets face a stealthy hacking campaign. A 19-year-...

1 Kesä 29min

Suosittua kategoriassa Politiikka ja uutiset

uutiscast
aikalisa
politiikan-puskaradio
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
rss-vaalirankkurit-podcast
tervo-halme
rss-asiastudio
otetaan-yhdet
rss-podme-livebox
the-ulkopolitist
et-sa-noin-voi-sanoo-esittaa
rss-polikulaari-pitka-kiekko-ja-muut-ts-podcastit
rss-kaikki-uusiksi
rss-girls-finish-f1rst
rss-ulkopoditiikkaa
rss-pinnalla
linda-maria
viisupodi
rss-vain-talouselamaa