Microsoft August 2025 Patch Tuesday fixes 107 vulnerabilities, including 13 critical and one zero-day
Microsoft's August 2025 Patch Tuesday addresses 107 security vulnerabilities including 13 critical flaws (nine enabling remote code execution) and one publicly disclosed zero-day in the Windows Kerberos authentication system.
This month prioritize patching of Microsoft Windows, Azure integration components and Microsoft Office. Those are impacted by the critical issues. Don't forget to update your Windows PCs/Laptops, since we all use them on the internet and this list of flaws will be abused by hackers.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/microsoft-august-2025-patch-tuesday-fixes-107-vulnerabilities-including-13-critical-and-one-zero-day-d-p-s-n-g/gD2P6Ple2L
SAP releases August 2025 security updates, patches 19 flaws, at least three critical
SAP released August 2025 security updates addressing 19 vulnerabilities including three critical code injection flaws (CVSS 9.9) affecting SAP S/4HANA and SAP Landscape Transformation that allow attackers to inject arbitrary code into enterprise systems.
If you're running SAP products, review the advisory in detail for any vulnerable products you need to patch. High priority are SAP S/4HANA or SAP Landscape Transformation systems, that have patches for critical flaws. And hackers love SAP platforms, because everyone is too scared to patch them.
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sap-releases-august-2025-security-updates-patches-26-flaws-at-least-three-critical-f-7-1-g-b/gD2P6Ple2L
North Korean hacker group Kimsuky allegedly breached, data leaked
North Korean state-sponsored APT group Kimsuky was allegedly breached by hackers who leaked 8.9 gigabytes of operational data including phishing tools, malware source code, Cobalt Strike loaders, and targeting lists against South Korean government and defense entities. The breach, published via DDoSecrets and announced at DEF CON 33, is expected to significantly hamper Kimsuky's operations by exposing their infrastructure and forcing them to rebuild compromised tools and methodologies.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/north-korean-hacker-group-kimsuky-allegedly-breached-data-leaked-h-4-h-s-2/gD2P6Ple2L
I bet they were still sending out the AOL CDs until last month 🤦♂️
Not a bug!
State of (in)security - Week 32, 2025
Cybersecurity incidents surged during the week of August 4-11, 2025, with 21 vulnerability advisories and 20 data breach incidents affecting 6.658 million individuals, primarily due to a massive Bouygues Telecom cyberattack that exposed 6.4 million customers' data. Social engineering and phishing attacks dominated as the leading attack vector with four incidents, Healthcare, IT/technology, and education sectors were the most frequently targeted industries.
Never trust "secret profit methods" or anyone claiming to share money-making exploits - if someone really found a way to make 37% profit, they'd use it themselves, not share it. Never run unknown JavaScript code or programs from random sources, especially ones promising easy profits.
#cybersecurity #infosec #knowledge #weeklyreport
https://beyondmachines.net/event_details/state-of-in-security-week-32-2025-n-w-s-5-h/gD2P6Ple2L
Pennsylvania Attorney General's Office hit by cybersecurity incident, shuts down digital infrastructure
The Pennsylvania Attorney General's Office suffered a major cyber incident on Monday, August 12, 2025, that took down their entire digital infrastructure including website, email systems, and phone lines, preventing citizens from accessing services or providing tips. The nature of the attack and any potential data exposure have not been disclosed.
****
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/pennsylvania-attorney-general-s-office-hit-by-cybersecurity-incident-shuts-down-digital-infrastructure-8-6-4-9-r/gD2P6Ple2L
Pike County reports third party breach exposing data of over 33,000 Individuals
A ransomware attack on Pike County's third-party IT provider Ohio Valley Technologies compromised personal and financial data of 33,174 current and former county employees and residents. The county discovered the breach on April 28, 2025, and responded by engaging cybersecurity firms for forensic analysis and notifying federal law enforcement.
****
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/pike-county-reports-third-party-breach-exposing-data-of-over-33000-individuals-4-b-d-x-h/gD2P6Ple2L
Ransomware attack on dutch medical lab exposes cancer screening data of almost 500K women
A ransomware attack on Dutch medical laboratory Clinical Diagnostics NMDL exposed sensitive personal and medical data of 485,000 women from the national cervical cancer screening program. The stolen information is already appearing on dark web marketplaces. The company violated data protection regulations by waiting over a month to report the breach instead of the required 72-hour notification period.
****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/ransomware-attack-on-dutch-medical-lab-exposes-cancer-screening-data-of-almost-500k-women-j-8-d-c-7/gD2P6Ple2L
Should i be suspicious, or just accept the malware? 😈
BeyondMachines :verified: