Security news aggregator

Latest coverage for Outage

Outages can disrupt security tools and critical services, showing how failures in infrastructure, vendors, or recovery plans affect cyber resilience.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Outage is a period when a system, network, application, or online service is unavailable or cannot perform its intended function. It may be planned maintenance or an unplanned disruption caused by equipment or software failure, misconfiguration, a dependency problem, natural hazards, or a denial-of-service attack. The tag generally concerns availability incidents, not every performance issue or security breach.

For security practitioners, an outage requires determining whether malicious activity contributed to the disruption while preserving relevant logs, network telemetry, and system state for investigation. Defenses include capacity planning, segmented and redundant architecture, tested failover and recovery procedures, and controls that limit the effect of DDoS traffic or compromised dependencies. Emergency changes made during recovery should be authorized and recorded, since they can create new vulnerabilities or affect data integrity. Clear incident ownership and communications help coordinate technical response without obscuring the cause or scope.

Volume over time

Weekly headline count for the current query.

Showing 4 most recent headlines Filtered view

Security community needs to rally and share more info faster, one researcher says Amid new reports of attackers pummeling a maximum security hole (CVE-2025-55182) in the React JavaScript library, Cloudflare's technology chief said his company took down its own network, forcing a widespread outage early Friday, to patch React2Shell.…

Trend Micro Research, News and Perspectives 1 year, 10 months ago

Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network operations. While these issues are implementation-specific, their exploitation is made possible by a systemic weakness: the lack of mandatory authentication procedures between base stations and packet-cores.