An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordin...
https://securityaffairs.com/162001/hacking/labhost-phaas-dismantled.html
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapeka t...
https://securityaffairs.com/161987/hacking/kapeka-backdoor-linked-sandworm.html
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Ma...
https://securityaffairs.com/161975/hacking/cisco-integrated-management-controller-bug.html
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critica...
https://securityaffairs.com/161962/cyber-crime/cerber-ransomware-cve-2023-22518-atlassian.html
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can lead to remote command execution. Ivanti addressed multiple flaws in its Avalanche...
https://securityaffairs.com/161952/security/ivanti-avalanche-mdm-critical-flaws.html
Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. Researchers at watchTowr Labs have released a technical analysis of t...
https://securityaffairs.com/161936/hacking/exploit-code-cve-2024-3400-palo-alto-pan-os.html
Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. Cisco Talos researchers w...
https://securityaffairs.com/161943/hacking/brute-force-attacks.html
The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could be exploited to recover private keys. PuTTY tools from 0.68 to 0.80 inclusive are affected by a...
https://securityaffairs.com/161921/security/putty-ssh-client-flaw.html
Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targe...
https://securityaffairs.com/161908/intelligence/ios-spyware-lightspy-asia.html
Amidst rising tensions with China in the SCS, Resecurity observed a spike in malicious cyber activity targeting the Philippines in Q1 2024. Amidst rising tensions with China in the South China S...
https://securityaffairs.com/161909/intelligence/misinformation-targeting-the-philippines.html