InfoSecBulletin Cybersecurity for mankind

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain SIEM and SOAR platforms. SIEM and SOAR help organizations analyze data from firewalls, endpoints, and applications to improve detection and response to cybersecurity incidents. However, many face implementation challenges due to high costs and ongoing …

The Qualys Threat Research Unit (TRU) found two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities. CVE-2025-5054 affects Ubuntu’s core-dump handler, Apport, while CVE-2025-4598 targets systemd-coredump, the default core-dump handler on Red Hat Enterprise Linux 9 and 10, as well as Fedora. These vulnerabilities allow a …

New ransomware payment reporting rules take effect in Australia yesterday (May 30) for all organisations with an annual turnover of AUS $3 million ($1.93 million). Australia’s Cyber Security Act 2024 applies to private companies managing critical infrastructure assets. Organizations must report any ransomware payments to the Australian Signals Directorate (ASD) …