Cyber Security Research Blogs - Page 6 Of 25 - Blog On Advance InfoSec Concepts

LANDFALL: Samsung Zero-Day Exploit

All Blog 10th November 202524th December 2025 ritik_t

In targeted attacks across the Middle East, attackers weaponized a now-patched Samsung image-codec zero-day (CVE-2025-21042) to deliver a modular Android spyware family dubbed LANDFALL. TheContinue readingLANDFALL: Samsung Zero-Day Exploit

Qilin Ransomware Hybrid Attack

All Blog 6th November 202524th December 2025 ritik_t

SummaryIn late-2025 researchers observed the Qilin ransomware operation progressively adopting hybrid, cross-platform attack techniques that allow affiliates to run Linux-based encryptors against predominantly Windows environmentsContinue readingQilin Ransomware Hybrid Attack

CVE-2025-55752: Apache Tomcat Path Traversal Vulnerability

All Blog 5th November 202524th December 2025 ritik_t

Vulnerable Version Tomcat 11.0.0-M1 through 11.0.10Tomcat 10.1.0-M1 through 10.1.44Tomcat 9.0.0-M11 through 9.0.108Some EOL builds may also be impacted Fixed Version Tomcat 11.0.11 and aboveTomcat 10.1.45Continue readingCVE-2025-55752: Apache Tomcat Path Traversal Vulnerability

Information Security Management for Govt Organizations

All Blog, CERT-IN 3rd November 202524th December 2025 ritik_t

Introduction In an era where data has become the new oil, the protection of information assets is no longer optional—it’s a strategic necessity. Government organizations,Continue readingInformation Security Management for Govt Organizations

Information Security Practices for Govt Entities

All Blog, CERT-IN 24th October 202524th December 2025 ritik_t

Introduction In this age of fast digital transformation, government services are becoming increasingly reliant on secure IT systems. Cyber dangers including ransomware, phishing, and state-sponsoredContinue readingInformation Security Practices for Govt Entities

Framework for Building Effective BOMs: SBOM to HBOM

All Blog, CERT-IN 18th October 202524th December 2025 ritik_t

Introduction In an increasingly interconnected digital ecosystem, the complexity of supply chains—spanning software, hardware, cryptography, quantum computing, and artificial intelligence—has created new layers of cybersecurityContinue readingFramework for Building Effective BOMs: SBOM to HBOM

MSME Cybersecurity: 15 Key Defense Measures

All Blog, CERT-IN 17th October 202524th December 2025 ritik_t

In today’s digital age, MSME cybersecurity is crucial in India. It helps protect critical infrastructure, confidential data, and ensures compliance with legal requirements. Implementing strongContinue readingMSME Cybersecurity: 15 Key Defense Measures

WASA Audits : Ensuring ABDM Compliance

All Blog, CERT-IN 11th October 202524th December 2025 ritik_t

ABDM WASA Audit Compliance has become a crucial requirement for healthcare applications in India, ensuring they meet the security and interoperability standards set by theContinue readingWASA Audits : Ensuring ABDM Compliance

VMware Zero-Day CVE-2025-41244 Exploited Since 2024: Local Privilege Escalation Under Attack

All Blog 10th October 202524th December 2025 ritik_t

Overview A local privilege-escalation problem known as CVE-2025-41244 has been exploited in the wild since mid-October 2024, allegedly by a China-linked entity known as UNC5174.Continue readingVMware Zero-Day CVE-2025-41244 Exploited Since 2024: Local Privilege Escalation Under Attack

Oracle E-Business Suite Zero-Day Attack (CVE-2025-61882)

All Blog 7th October 202524th December 2025 ritik_t

Overview An ongoing mass exploitation campaign targeting Oracle E-Business Suite (EBS) deployments has been discovered by CrowdStrike researchers using a hitherto unidentified vulnerability, now knownContinue readingOracle E-Business Suite Zero-Day Attack (CVE-2025-61882)