EU’s Child Sexual Abuse Regulation Risks Undermining Encryption and Global Digital Privacy

The European Union’s proposed Child Sexual Abuse Regulation (CSAR)—often referred to as Chat Control—is being criticized for creating an illusion of safety while threatening the very foundation of digital privacy. Experts warn that by weakening end-to-end encryption, the proposal risks exposing users worldwide to surveillance, exploitation, and cyberattacks. 

Encryption, which scrambles data to prevent unauthorized access, is fundamental to digital trust. It secures personal communications, financial data, and medical records, forming a critical safeguard for individuals and institutions alike. Yet, several democratic governments, including those within the EU, have begun questioning its use, framing strong encryption as an obstacle to law enforcement. This false dichotomy—between privacy and public safety—has led to proposals that inadvertently endanger both. 

At the center of the EU’s approach is client-side scanning, a technology that scans messages on users’ devices before encryption. Critics compare it to having someone read over your shoulder as you type a private letter. While intended to detect child sexual abuse material (CSAM), the system effectively eliminates confidentiality. Moreover, it can be easily circumvented—offenders can hide files by zipping, renaming, or converting them to other formats, undermining the entire purpose of the regulation. 

Beyond its inefficiency, client-side scanning opens the door to mass surveillance. Once such systems exist, experts fear they could be repurposed to monitor political dissent, activism, or journalism. By introducing backdoors—intentional weaknesses that allow access to encrypted data—governments risk repeating mistakes like those seen in the Salt Typhoon case, where a Chinese state-sponsored group exploited backdoors originally built for U.S. agencies. 

The consequences of weakened encryption are vast. Journalists would struggle to protect sources, lawyers could no longer guarantee client confidentiality, and businesses risk exposure of trade secrets. Even governments rely on encryption to protect national security. For individuals—especially victims of domestic abuse or marginalized groups—encrypted communication can literally be a matter of life and death. 

Ironically, encryption also protects children. Research from the UK’s Information Commissioner’s Office found that encrypted environments make it harder for predators to access private data for grooming. Weakening encryption, therefore, could expose children to greater harm rather than prevent it. 

Public opposition to similar policies has already shifted outcomes elsewhere. In Australia, controversial encryption laws passed in 2018 have yet to be enforced due to political backlash. In the UK, public resistance to the Online Safety Act led major tech companies to threaten withdrawal rather than compromise encryption.  

Within the EU, member states remain divided. Poland, Finland, the Netherlands, and the Czech Republic have opposed the CSAR for privacy and security reasons, while France, Denmark, and Hungary support it as a necessary tool against abuse. Whatever the outcome, the effects will extend globally—forcing tech companies to either weaken encryption standards or risk losing access to the European market. 

As the world marks Global Encryption Day, the debate surrounding CSAR highlights a broader truth: safeguarding the internet means preserving both safety and privacy. Rather than imposing blanket surveillance, policymakers should focus on targeted investigations, rapid CSAM takedown measures, and support for victims.

Encryption remains the cornerstone of a secure, trustworthy, and free internet. If the EU truly aims to protect children and its citizens, it must ensure that this foundation remains unbroken—because once privacy is compromised, safety soon follows.

Cyble Flags 22 Vulnerabilities Under Active Exploitation, Including Ransomware Attacks

Cybersecurity researchers at Cyble have revealed 22 vulnerabilities currently being exploited by threat actors, with nine of them missing from the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog.

In its latest blog post, Cyble explained that twelve of the vulnerabilities were flagged by its honeypot sensors after detecting real-world attack attempts. Out of these twelve, only four are listed in CISA’s KEV catalog.

The report also highlights 10 vulnerabilities actively abused by ransomware groups. Interestingly, nine of those have already made it into CISA’s KEV catalog, with just one — CVE-2025-7771 in ThrottleStop.sys — standing out as an exception. This flaw has reportedly been exploited by the MedusaLocker ransomware group.

Adding to the urgency, SolarWinds today rolled out a hotfix addressing CVE-2025-26399 in SolarWinds Web Help Desk. The flaw bypasses patches for CVE-2024-28988, which itself was a patch bypass for CVE-2024-28986. Since CVE-2024-28986 is already part of the KEV catalog, experts warn the new 9.8 CVSS-rated vulnerability could quickly attract attention from attackers.

Cyble researchers documented 12 vulnerabilities under active attack, including:

  • CVE-2025-49493 – Akamai CloudTest (before version 60, 2025.06.02)

  • CVE-2025-5086 – DELMIA Apriso (Release 2020–2025), recently added to the KEV catalog as a rare ICS/OT flaw

  • CVE-2025-48827 – vBulletin 5.0.0–5.7.5 and 6.0.0–6.0.3 on PHP 8.1+

  • CVE-2025-45985 – Multiple Blink router models

  • CVE-2025-4427 – Ivanti Endpoint Manager Mobile up to 12.5.0.0 (in KEV catalog)

  • CVE-2025-4009 – Evertz SDVN 3080ipx-10G management interface

  • CVE-2025-32432 – Craft CMS 3.0.0-RC1 to <3.9.15, 4.0.0-RC1 to <4.14.15, 5.0.0-RC1 to <5.6.17

  • CVE-2025-31161 – CrushFTP 10 (before 10.8.4) and 11 (before 11.3.1), listed in KEV

  • CVE-2025-29306 – FoxCMS v1.2.5

  • CVE-2025-20188 – Cisco IOS XE Software for Wireless LAN Controllers

  • CVE-2025-47812 – Wing FTP Server (before 7.4.4), also in KEV

  • CVE-2025-54782 – NestJS @nestjs/devtools-integration, versions 0.2.0 and below

Cyble’s threat intelligence division also identified 10 vulnerabilities exploited by ransomware groups, tracked via open-source intelligence and internal monitoring. Notable cases include:

  • CVE-2025-53770 – Microsoft SharePoint Server, exploited by Storm-2603

  • CVE-2024-40766 – SonicWall SonicOS, targeted by Akira

  • CVE-2024-23692 – Rejetto HTTP File Server, targeted by an unknown group

  • CVE-2025-8088 – WinRAR for Windows, exploited by RomCom (Storm-0978 / Tropical Scorpius / UNC2596)

  • CVE-2025-29824 – Windows Common Log File System, abused by RansomExx (Storm-2460)

  • CVE-2025-31324 and CVE-2025-42999 – SAP NetWeaver Visual Composer Metadata Uploader, exploited in tandem by Scattered Spider

  • CVE-2023-46604 – Java OpenWire protocol marshaller, linked to Linux malware Drip Dropper

  • CVE-2025-24472 – FortiOS 7.0.0–7.0.16, FortiProxy 7.2.0–7.2.12 / 7.0.0–7.0.19, exploited by INC Ransom

According to Cyble, these vulnerabilities “should be high-priority fixes by security teams if they haven't been patched or mitigated already, and a risk-based vulnerability management program should be at the heart of every organization's cyber defenses.”