Intel

A significant breach of AT&T's network by the Chinese state-sponsored group, Salt Typhoon, has led to unauthorized access to sensitive U.S. telecommunications data. Active undetected for over 18 months until 2023, the breach exposed critical communications metadata of FBI informants, potentially creating a crisis for

The continuing devastation of the California wildfires has given rise to another threat—cybercriminals seeking to exploit the disaster. These malicious actors are leveraging the chaos, using sophisticated phishing tactics to deceive those impacted by the fires. New Domains Mimic Legitimate Services Researchers at Veriti have discovered a proliferation of

A recently corrected vulnerability has come to light, highlighting a flaw in the Secure Boot mechanism of Unified Extensible Firmware Interface (UEFI) systems. This issue, tracked as CVE-2024-7344 with a CVSS score of 6.7, involves an application signed with Microsoft's third-party UEFI certificate from 2011, as reported

A sophisticated botnet comprising 13,000 MikroTik devices is leveraging domain name system (DNS) misconfigurations to circumvent email security measures and disseminate malware. The perpetrators exploit weaknesses in the Sender Policy Framework (SPF) of roughly 20,000 web domains to achieve this. Exploiting SPF Misconfiguration Security experts at Infoblox have

FBI Neutralizes PlugX Malware Using Its Own Self-Destruct Feature In an unprecedented collaboration, the FBI and French law enforcement have successfully removed the PlugX malware from over 4,200 computers in the United States. Leveraging the malware’s innate self-delete mechanism, authorities dismantled this notorious China-linked remote access trojan (RAT)

New Rsync Vulnerabilities Threaten Over 660,000 Exposed Servers A series of newly identified vulnerabilities have left more than 660,000 Rsync servers at risk of remote code execution attacks, including a critical heap-buffer overflow flaw. This open-source utility, known for its efficient file synchronization and data transfer capabilities, is

The Halcyon RISE Team has discovered a sophisticated ransomware campaign by a threat actor known as "Codefinger." This new attack targets Amazon S3 buckets, utilizing AWS’s Server-Side Encryption with Customer-Provided Keys (SSE-C) to lock data and demand ransom for the decryption keys. Attack Mechanism: The campaign leverages

A newly discovered zero-day vulnerability in FortiOS and FortiProxy systems is being actively exploited by cybercriminals to compromise Fortinet firewalls, posing a severe risk to enterprise network security. Vulnerability Details and Exploitation Type of Vulnerability: Authentication Bypass Affected Products: FortiOS and FortiProxy Impact: Unauthorized access and potential control hijacking of

In a significant cyber espionage campaign attributed to Russian entities, hackers have been actively targeting Kazakhstan to harvest economic and political intelligence. This operation is believed to be orchestrated by the cyber group UAC-0063, considered to overlap with the notorious APT28, linked to Russia's military intelligence, the GRU.