Forescout has detected a new campaign exploiting a vulnerability in Fortinet FortiClient EMS devices to disseminate malware. The SQL injection vulnerability, CVE-2023-48788 (CVSS score: 9.8), enables unauthorized attackers to execute code through specially crafted...
American mobile service providers T-Mobile and Verizon have been besieged by a wave of cybercriminal attacks, wherein employees are bombarded with messages on both personal and work phones offering financial incentives for engaging in...
In the first quarter of 2024, the Philippines witnessed a sharp increase in cyberattacks amid escalating tensions in the South China Sea, as reported by Resecurity. Compared to the same period last year, the...
In 2023, the United States food and agriculture sector encountered no fewer than 167 ransomware attacks, ranking it as the seventh most vulnerable among all industries in the country, according to the inaugural annual...
International cybersecurity is under threat following a discovery by Cisco Talos experts of a large-scale credential stuffing campaign targeting VPN and SSH services of companies including Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti. The campaign...
Palo Alto Networks’ Unit 42 reports that the cybercriminal group Muddled Libra is actively targeting cloud applications and cloud service providers in a bid to steal confidential data. According to the report, the attackers...
Recently, the cybercriminal group TA558 has significantly increased its malicious activities, attacking organizations worldwide with various types of malware. Security specialists from Positive Technologies have identified over 320 attacks carried out by this group....
The cybercriminal group Daixin Team has claimed responsibility for the recent attack on the Omni Hotels & Resorts network and threatens to release confidential customer information unless a ransom is paid. Omni Hotels operates...
A third-party company responsible for the telecommunication services used in Cisco Duo’s multi-factor authentication (MFA) system was subjected to a cyberattack employing social engineering tactics. Consequently, Cisco has urged its clients to exercise extreme...
Recently, cybersecurity experts successfully thwarted an attempt to hack a project on the OpenJS platform, which bears a striking resemblance to a recent incident involving a backdoor in the XZ Utils compression utility. On...
A team of cybersecurity experts has detected a resurgence of a cyberespionage campaign targeting users in South Asia. The objective of these attacks is to deploy a new version of the malicious software LightSpy,...
Nexperia, a prominent Dutch semiconductor manufacturer under the management of the Chinese company Wingtech, recently experienced a serious cyberattack. According to an official statement from the company, unauthorized access to its information systems was...
In a collaborative operation that began in 2020, the Australian Federal Police (AFP) and the Federal Bureau of Investigation (FBI) have arrested two individuals suspected of developing and distributing the malicious software initially named...
Recently, details emerged about a new cyberattack tool developed by the Iranian hacker group MuddyWater, also known as Boggy Serpens, Mango Sandstorm, and TA450. Affiliated with Iran’s Ministry of Intelligence and Security, this cybercriminal...
Last Friday, April 12, we discussed a new vulnerability in the PAN-OS operating system, used in Palo Alto Networks’ network gateways. At that time, the company acknowledged that the vulnerability, designated CVE-2024-3400, had been...
ESET reports on a new malicious campaign targeting users in South Asia, initiated in November 2021 and disseminating malware through specialized websites and the Google Play Store. The infected applications, while providing legitimate functionalities,...
