Multiple Vulnerabilities Found in SonicWall SSL-VPN SMA1000 and Connect...
SonicWall has released security updates to address multiple vulnerabilities affecting its SMA 1000 series SSL-VPN appliances and the associated Connect Tunnel Windows client. These flaws could allow...
View ArticleFog & Akira Ransomware Exploit Critical Veeam RCE Flaw CVE-2024-40711 After...
In a recent alert, Sophos X-Ops MDR and Incident Response revealed a surge in ransomware attacks exploiting a critical vulnerability in Veeam Backup & Replication software, CVE-2024-40711. Over the...
View ArticleCISA Warns of F5 BIG-IP Cookie Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning organizations about a vulnerability involving unencrypted persistent cookies in the F5 BIG-IP Local...
View ArticleDOJ Charges 18 in Cryptocurrency Fraud Case, Seizes Over $25 Million
The Department of Justice (DOJ) has unsealed charges against 18 individuals and entities for widespread fraud and market manipulation. The scheme, which involved cryptocurrency companies, market...
View ArticleLynx Ransomware: The Evolution of INC Ransomware into a Potent Cyber Threat
Palo Alto Networks has discovered a new ransomware threat actor dubbed “Lynx” that is actively targeting organizations in various sectors across the U.S. and UK. This new malware is not... The post...
View ArticleNSA, FBI, and Allies Expose Ongoing Russian Cyber Espionage Operations
Recently, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), the United States Cyber Command’s Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber...
View ArticleFACTION: Pen Test Report Generation and Assessment Collaboration
In the ever-evolving landscape of cybersecurity, penetration testing (pen testing) and security assessments are vital to identifying vulnerabilities before they can be exploited by malicious actors....
View ArticleMozilla Confirms Active Attacks on Tor Browser via Firefox Vulnerability
Mozilla has issued an urgent security update for its Firefox browser to address a critical vulnerability that is currently being exploited in the wild. The flaw, tracked as CVE-2024-9680 and... The...
View ArticleCasio Hit by Ransomware Attack, Customer and Employee Data Compromised
Electronics giant Casio has disclosed a significant security breach resulting from a ransomware attack. The incident, which began on October 5th, has impacted various servers, leading to system...
View ArticleMicrosoft Deprecates Aging VPN Protocols PPTP and L2TP in Future Windows...
Microsoft is taking a significant step towards enhancing VPN security by deprecating the aging Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in upcoming versions of...
View ArticleCVE-2024-9180: HashiCorp Vault Vulnerability Could Lead to Privilege Escalation
HashiCorp has issued a security bulletin disclosing a vulnerability in its Vault secret management platform that could allow attackers to escalate their privileges to the highly sensitive root policy....
View ArticleSuspected Nation-State Adversary Exploits Ivanti CSA in a Series of...
Fortinet’s FortiGuard Labs recently released a detailed analysis of a sophisticated cyberattack targeting the Ivanti Cloud Services Appliance (CSA). The attackers, suspected to be a nation-state actor,...
View ArticleFIDO Alliance Unveils New Draft Specifications for Secure Credential Exchange
The FIDO Alliance, a global industry association dedicated to eliminating the world’s reliance on passwords, today announced a major step towards enhancing the passkey user experience. In a move to......
View ArticleEDRSilencer: The Red Team Tool Turned Cybercriminal Weapon
The Trend Micro Threat Hunting Team has uncovered EDRSilencer, a red team tool designed to disrupt endpoint detection and response (EDR) solutions. Originally intended to help security professionals...
View ArticleHelmholz REX100 Industrial Routers Found Vulnerable to Critical Security...
CERT@VDE has issued a security advisory disclosing multiple vulnerabilities in Helmholz REX100 industrial routers, potentially allowing unauthorized access and remote code execution. The Helmholz...
View ArticlePipeMagic Trojan Exploits Fake ChatGPT App to Target Saudi Arabian Organizations
Kaspersky’s Global Research and Analysis Team (GReAT) has disclosed a new campaign distributing the PipeMagic Trojan, a sophisticated backdoor with evolving capabilities. This campaign, which marks an...
View ArticleCISA Warns Actively Exploited Vulnerabilities, Including Windows Kernel Flaw...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about three actively exploited security vulnerabilities affecting a wide range of software, including Microsoft...
View ArticleDon’t Get Tricked: RTF Files Are the Latest Weapon in Phishing Attacks
In 2024, phishing attacks have taken on a new and dangerous form, utilizing Rich Text Format (RTF) files in creative and highly deceptive ways. According to a recent report by... The post Don’t Get...
View ArticleCritical Vulnerabilities Found in mbNET.mini Industrial Routers Could Allow...
A security advisory issued by CERT@VDE has revealed multiple critical vulnerabilities in the mbNET.mini industrial router, a widely used device designed for secure remote access to industrial machines...
View ArticleBroken Promises: E2EE Cloud Storage Vulnerabilities Exposed
In a world where data privacy is a growing concern, end-to-end encryption (E2EE) cloud storage systems promise to keep your information secure, even from the very providers managing the storage. But......
View Article