Posted inVulnerabilities
From Cybersecurity Help – New credential stuffing service Atlantis AIO targets over 140 online platforms
The service offers pre-configured modules that specifically target major online platforms. Read More
Posted inNews
From Dark Reading – Jamf Buys Identity Automation, Expands IAM Capabilities
The $215 million acquisition will allow Jamf offer dynamic identity capabilities and device access in a single platform. Read More
Posted inArticles
From Schneier on Security – Trojaned AI Tool Leads to Disney Hack
This is a sad story of someone who downloaded a Trojaned AI tool that resulted in hackers taking over his computer and, ultimately, costing him his job. Read More
Posted inNews
From The Hacker News – PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023.
French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and
.webp)
Posted inNews
From Cyber Security News – Salt Typhoon Hackers Exploit Cisco Vulnerability To Gain Access To U.S. Telecom Networks
Cisco Talos has uncovered a sophisticated cyberespionage campaign by the state-aligned “Salt Typhoon” group targeting U.S. telecommunications infrastructure since late 2024. While credential theft remains their primary entry method, researchers…
Posted inNews
From Dark Reading – Cisco Confirms Salt Typhoon Exploitation in Telecom Hits
In addition to using CVE-2018-0171 and other Cisco bugs to break into telecom networks, the China-sponsored APT is also using using stolen login credentials for initial access. Read More