network segmentation – Threat Note

From Cyber Security News – Lotus Blossom APT Exploits WMI for Post-Exploitation Activities

The Lotus Blossom Advanced Persistent Threat (APT) group, also known as Lotus Panda, Billbug, and Spring Dragon, has intensified its cyberespionage efforts with new variants of the Sagerunex backdoor. These…

shaikh Saqib March 29, 2025

News

From Security Week – UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach

[[{"value":"The UK ICO has fined Advanced Computer Software Group £3 million ($3.8 million) over a 2022 data breach resulting from a ransomware attack. The post UK Software Firm Fined £3…

shaikh Saqib March 27, 2025

News

From Dark Reading – FBI, CISA Raise Alarms As Medusa Ransomware Attacks Grow

Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to…

shaikh Saqib March 14, 2025

News

From Dark Reading – Volt Typhoon Strikes Massachusetts Power Utility

The prolonged attack, which lasted 300+ days, is the first known compromise of the US electric grid by the Voltzite subgroup of the Chinese APT; during it, the APT attempted…

shaikh Saqib March 12, 2025

News

From Cyber Security News – CISA Warns of Windows Win32k Vulnerability Exploited to Run Arbitrary code

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding CVE-2018-8639, a privilege escalation vulnerability in the Microsoft Windows Win32k component, which threat actors are actively exploiting to…

shaikh Saqib March 4, 2025

News

From Cyber Security News – HiveOS Vulnerabilities Let Attackers Execute Arbitrary Commands

Security researchers have uncovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and execute arbitrary commands on affected systems. …

shaikh Saqib March 3, 2025

News

From Cyber Security News – Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack

The Wireshark Foundation has released version 4.4.4 of its widely used network protocol analyzer, addressing a high-severity vulnerability that could allow attackers to trigger denial-of-service (DoS) conditions by injecting malicious…

shaikh Saqib February 24, 2025

News

From Cyber Security News – PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability

Security researchers have released proof-of-concept (PoC) exploit code for CVE-2025-20029, a high-severity command injection vulnerability affecting F5’s BIG-IP application delivery controllers. The flaw, which carries a CVSS v3.1 score of…

shaikh Saqib February 24, 2025

News

From Cyber Security News – UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks

Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execution (RCE) attacks. The vulnerabilities,…

shaikh Saqib February 24, 2025

Vulnerabilities

From Cybersecurity Help – Ghost ransomware attacks critical infrastructure, targets global sectors in over 70 countries

The attacks exploit vulnerabilities in outdated software and firmware used by organizations with internet-facing services. Read More

shaikh Saqib February 20, 2025

News

From Cyber Security News – Massive Brute Force Attack Targets VPN & Firewall Logins Using 2.8 Million IPs

A global brute force attack campaign leveraging 2.8 million IP addresses actively targets edge security devices, including VPNs, firewalls, and gateways from vendors such as Palo Alto Networks, Ivanti, and…

shaikh Saqib February 10, 2025