Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. "UNC3886 has a track record of utilizing zero-day vulnerabilities to complete … [Read more...] about Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
hacker news
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
Jan 20, 2024NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The … [Read more...] about CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
Jan 19, 2024NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. "These applications are being hosted on Chinese pirating websites in order to gain victims," Jamf Threat Labs researchers Ferdous Saljooki and Jaron Bradley said. "Once … [Read more...] about Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Jan 18, 2024NewsroomSupply Chain Attacks / AI Security Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on … [Read more...] about TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
Jan 17, 2024NewsroomFinancial Data / Vulnerability The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities that can be weaponized by threat actors to execute arbitrary code. The STM Cyber R&D team, which reverse engineered the Android-based devices manufactured by the Chinese firm owing to their rapid deployment … [Read more...] about PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions
Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits
Jan 16, 2024NewsroomVulnerability / Network Security Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS) condition and remote code execution (RCE). "The two issues are fundamentally the same but exploitable at different HTTP URI paths due to … [Read more...] about Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits
3 Ransomware Group Newcomers to Watch in 2024
The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases. Figure 1: Year over year victims per quarter The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a teaser—2023 roared back with the same fervor as 2021, propelling existing groups and ushering in a wave of … [Read more...] about 3 Ransomware Group Newcomers to Watch in 2024
New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks
Jan 14, 2024NewsroomCyber Attack / Vulnerability The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a security flaw … [Read more...] about New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks
Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Jan 13, 2024NewsroomVulnerability / Network Security Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. "An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series and EX … [Read more...] about Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
Jan 12, 2024NewsroomVulnerability / Threat Intelligence As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent authentication and … [Read more...] about Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families