
Vault 33: Cyber News - Intel - Research

Vault 33 is your ultimate hub for cutting-edge cybersecurity insights, delivering expert analysis, detailed tutorials, research, and the latest updates in threat and vulnerability management.

Intel | Jan 17, 2025: FBI Informant Communications Compromised: AT&T Breach Reveals Expanded Damage
Intel | Jan 16, 2025: Scammers Target California Wildfire Victims by Posing as Relief Services
Intel | Jan 16, 2025: Critical UEFI Secure Boot Flaw Exposes Systems to Malicious Bootkit Attacks
Intel | Jan 16, 2025: Misconfigured SPF DNS Records Enable MikroTik Botnet to Spread Malware
Intel | Jan 15, 2025: FBI Employs Malware's 'Self-Delete' Tactic to Remove Chinese PlugX from U.S. Systems
News | Jan 15, 2025: CISA Releases Guidance on Enhanced Microsoft Logging Features

Latest Posts
FBI Informant Communications Compromised: AT&T Breach Reveals Expanded Damage

A significant breach of AT&T's network by the Chinese state-sponsored group Salt Typhoon has led to unauthorized access to sensitive U.S. telecommunications data. Active and undetected for over 18 months until 2023, the breach exposed critical communications metadata of FBI informants, potentially creating a crisis for

Scammers Target California Wildfire Victims by Posing as Relief Services

The continuing devastation of the California wildfires has given rise to another threat: cybercriminals seeking to exploit the disaster. These malicious actors are leveraging the chaos, using sophisticated phishing tactics to deceive those impacted by the fires.

New Domains Mimic Legitimate Services

Researchers at Veriti have discovered a proliferation of

Critical UEFI Secure Boot Flaw Exposes Systems to Malicious Bootkit Attacks

A recently corrected vulnerability has come to light, highlighting a flaw in the Secure Boot mechanism of Unified Extensible Firmware Interface (UEFI) systems. This issue, tracked as CVE-2024-7344 with a CVSS score of 6.7, involves an application signed with Microsoft's third-party UEFI certificate from 2011, as reported

Misconfigured SPF DNS Records Enable MikroTik Botnet to Spread Malware

A sophisticated botnet comprising 13,000 MikroTik devices is leveraging domain name system (DNS) misconfigurations to circumvent email security measures and disseminate malware. The perpetrators exploit weaknesses in the Sender Policy Framework (SPF) records of roughly 20,000 web domains to achieve this.

Exploiting SPF Misconfiguration

Security experts at Infoblox have

FBI Employs Malware's 'Self-Delete' Tactic to Remove Chinese PlugX from U.S. Systems

FBI Neutralizes PlugX Malware Using Its Own Self-Destruct Feature

In an unprecedented collaboration, the FBI and French law enforcement have successfully removed the PlugX malware from over 4,200 computers in the United States. Leveraging the malware's innate self-delete mechanism, authorities dismantled this notorious China-linked remote access trojan (RAT)

CISA Releases Guidance on Enhanced Microsoft Logging Features

CISA Issues Guidance on Microsoft's Enhanced Logging Features

The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance for government and business users on leveraging expanded logging capabilities within Microsoft 365. These enhancements are designed to improve forensic and compliance investigations.

Enhanced Logging Capabilities

Microsoft has introduced advanced

Over 660,000 Rsync Servers at Risk: Code Execution Vulnerabilities Uncovered

New Rsync Vulnerabilities Threaten Over 660,000 Exposed Servers

A series of newly identified vulnerabilities has left more than 660,000 Rsync servers at risk of remote code execution attacks, including a critical heap-buffer overflow flaw. This open-source utility, known for its efficient file synchronization and data transfer capabilities, is

Codefinger Ransomware Targets AWS to Encrypt S3 Buckets in Latest Attack

The Halcyon RISE Team has discovered a sophisticated ransomware campaign by a threat actor known as "Codefinger." This new attack targets Amazon S3 buckets, utilizing AWS's Server-Side Encryption with Customer-Provided Keys (SSE-C) to lock data and demand ransom for the decryption keys.

Attack Mechanism

The campaign leverages

Fortinet Warns of Auth Bypass Zero-Day Exploited to Hijack Firewalls

A newly discovered zero-day vulnerability in FortiOS and FortiProxy systems is being actively exploited by cybercriminals to compromise Fortinet firewalls, posing a severe risk to enterprise network security.

Vulnerability Details and Exploitation

Type of Vulnerability: Authentication Bypass
Affected Products: FortiOS and FortiProxy
Impact: Unauthorized access and potential control hijacking of
