Cisco Talos warns of large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services. Cisco Talos researchers warn of large-scale credential brute-force attacks targeting multiple targets, including Virtual Private Network (VPN)…
Tag: Security Affairs
PuTTY SSH Client flaw allows of private keys recovery
The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could be exploited to recover private keys. PuTTY tools from 0.68 to 0.80 inclusive are affected by a critical vulnerability, tracked as CVE-2024-31497, that resides in…
A renewed espionage campaign targets South Asia with iOS spyware LightSpy
Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy. The sophisticated mobile spyware…
Misinformation and hacktivist campaigns targeting the Philippines skyrocket
Amidst rising tensions with China in the SCS, Resecurity observed a spike in malicious cyber activity targeting the Philippines in Q1 2024. Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber…
Russia is trying to sabotage European railways, Czech minister said
Czech transport minister warned that Russia conducted ‘thousands’ of attempts to sabotage railways, attempting to interfere with train networks and signals. Early this month, the Czech transport minister Martin Kupka warned that Russia has conducted ‘thousands’ of attempts to sabotage…
Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia
The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB…
Cisco Duo warns telephony supplier data breach exposed MFA SMS logs
Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. Cisco Duo warns of a data breach involving one of its…
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets
The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities…
CISA adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-3400 Palo Alto Networks PAN-OS Command Injection vulnerability to its Known…
Threat actors exploited Palo Alto Pan-OS issue to deploy a Python Backdoor
Threat actors have been exploiting the recently disclosed zero-day in Palo Alto Networks PAN-OS since March 26, 2024. Palo Alto Networks and Unit 42 are investigating the activity related to CVE-2024-3400 PAN-OS flaw and discovered that threat actors have been…