Posted inVulnerabilities
From Cybersecurity Help – Cyber Security Week in Review: October 20, 2023
The world in brief: Ragnar Locker, Trigona ransomware go down, Russian and Chinese hackers exploit WinRar zero-day, and more. Read More
Posted inVulnerabilities
From Cybersecurity Help – US seizes 17 domains used by North Korean IT workers to defraud businesses
North Korean IT workers collected nearly $1.5 million of revenue through the fraud schemes. Read More
Posted inVulnerabilities
From Cybersecurity Help – Russian and Chinese nation-state actors target recently patched WinRAR zero-day
Meanwhile, North Korean actors are actively exploiting the JetBrains TeamCity bug. Read More
Posted inVulnerabilities
From Cyber Security News – Citrix NetScaler Zero-Day Exploited to Compromise Government Organizations
Two critical security vulnerabilities, namely CVE-2023-4966 and CVE-2023-4967, have been discovered in NetScaler ADC and NetScaler Gateway. These vulnerabilities impact several versions of the products, and users are strongly advised…
Posted inVulnerabilities
From Cybersecurity Help – Recently patched Citrix NetScaler bug has been under exploitation since August 2023
Mandiant said it observed exploitation at professional services, technology, and government organizations. Read More
Posted inVulnerabilities
From Cybersecurity Help – Around 30,000 Cisco devices infected in IOS XE zero-day attacks
The majority of the infected devices are located in the US, followed by the Philippines, Chile and Mexico. Read More
Posted inVulnerabilities
From Cybersecurity Help – Hackers can now hide malicious code in Web3 smart contracts
EtherHiding’s flexibility enables hackers to modify the attack chain with each new blockchain transaction. Read More
Posted inVulnerabilities
From Cybersecurity Help – Fake ‘RedAlert’ airstrike alert app collects Israeli Android users’ data
The malicious app asks for multiple permissions, including access to contacts, call logs, SMS, and account information. Read More
Posted inVulnerabilities
From Cybersecurity Help – Russian hackers abuse recent WinRAR 0Day flaw to steal credentials
The campaign steals data from the Google Chrome and Microsoft Edge browsers. Read More
Posted inVulnerabilities
From Cybersecurity Help – Threat actors are actively exploiting unpatched Cisco zero-day bug
Cisco recommends that customers disable the HTTP Server feature on all internet-facing systems. Read More
Posted inVulnerabilities
From Cybersecurity Help – Telecom providers in Ukraine targeted with destructive attacks
CERT-UA has attributed these campaigns to the Sandworm military hackers. Read More
Posted inResearch
From Cybersecurity Help – AI algorithm intercepts MitM attacks on military robots
The researchers trained a robot’s operating system to identify the signatures of a MitM eavesdropping cyber attack. Read More
Posted inVulnerabilities
From Cybersecurity Help – CISA shares bugs, misconfigs and weaknesses linked to ransomware campaigns
The agency updated its KEV catalog to include info on which flaws are commonly associated with ransomware campaigns. Read More
Posted inVulnerabilities
From Cybersecurity Help – Cyber Security Week in Review: October 13, 2023
The world in brief: Microsoft fixes two zero-days, malicious NuGet packages deliver SeroXen RAT, and more. Read More
Posted inToolkit
From Cybersecurity Help – ‘Stayin’ Alive’ cyber espionage campaign targets telecoms, governments in Asia
The tools used in the campaign are linked to the same set of infrastructure tied to the Chinese threat actor ToddyCat. Read More