CVE-2023-20198 – Threat Note

From Cyber Security News – 23 Vulnerabilities in Black Basta’s Chat Logs Exploited in the Wild, Including PAN-OS, Cisco IOS, & Exchange

GreyNoise has confirmed active exploitation of 23 out of 62 vulnerabilities referenced in internal chat logs attributed to the Black Basta ransomware group. These vulnerabilities span enterprise software, security appliances,…

shaikh Saqib February 27, 2025

News

From The Hacker News – Two Actively Exploited Security Flaws in Adobe and Oracle Products Flagged by CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws impacting Adobe ColdFusion and Oracle Agile Product Lifecycle Management (PLM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below - CVE-2017-3066 (CVSS score: 9.8) - A deserialization vulnerability impacting

shaikh Saqib February 25, 2025

News

From Dark Reading – Cisco Confirms Salt Typhoon Exploitation in Telecom Hits

In addition to using CVE-2018-0171 and other Cisco bugs to break into telecom networks, the China-sponsored APT is also using using stolen login credentials for initial access. Read More

shaikh Saqib February 21, 2025

News

From Dark Reading – Salt Typhoon Exploits Cisco Devices in Telco Infrastructure

The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months. Read More

shaikh Saqib February 14, 2025

Vulnerabilities

From Cybersecurity Help – Cyber Security Week in Review: February 14, 2025

In brief: Microsoft patches actively exploited zero-days, Chinese hackers Salt Typhoon exploit Cisco flaws, the US and partners sanction Zservers, and more. Read More

shaikh Saqib February 14, 2025

News

From Security Week – SonicWall Firewall Vulnerability Exploited After PoC Publication

[[{"value":"The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published. The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek."}]] Read More

shaikh Saqib February 14, 2025

News

From Security Week – Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks

[[{"value":"China-linked APT Salt Typhoon has been exploiting known vulnerabilities in Cisco devices in attacks on telecom providers in the US and abroad. The post Salt Typhoon Targeting Old Cisco Vulnerabilities…

shaikh Saqib February 14, 2025

News

From Cyber Security News – RedMike Hackers Exploited 1000+ Cisco Devices to Gain Admin Access

Researchers observed a sophisticated cyber-espionage campaign led by the Chinese state-sponsored group known as “Salt Typhoon,” also referred to as “RedMike.” Between December 2024 and January 2025, the group exploited…

shaikh Saqib February 14, 2025

News

From The Hacker News – Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity. "During the attack in late 2024, the attacker deployed a distinct toolset that had

shaikh Saqib February 13, 2025