Intel
In a detailed report, cybersecurity firm Infoblox has unveiled the sophisticated use of domain spoofing in worldwide spam operations. This discovery emerged from a collaborative cybersecurity study focused on the Chinese Great Firewall, specifically addressing activities by a threat actor dubbed "Muddling Meerkat." Initially, the research aimed to
A new remote code execution (RCE) vulnerability, tracked as CVE-2024-50603, has been discovered in Aviatrix Controller, posing significant risks to cloud environments. This severe vulnerability allows unauthenticated attackers to execute arbitrary commands through improperly sanitized user inputs, earning it a maximum CVSS score of 10.0. Patches have been released
A Chinese cyber adversary known as UNC5337 has resumed its focus on uncovering vulnerabilities within Ivanti remote access devices, marking another chapter in a series of security challenges faced by the IT vendor. This latest threat leverages a critical remote code execution (RCE) vulnerability discovered in Ivanti’s products, reigniting
Unmasking the Threat Microsoft has taken a significant step in its cybersecurity efforts by initiating legal proceedings against a "foreign-based threat actor group" involved in bypassing safeguards of its AI services to create harmful content. The company’s Digital Crimes Unit (DCU) reports that these adversaries have developed
A recent investigation by cybersecurity firm Fortinet has uncovered a sophisticated phishing scheme targeting PayPal users. This campaign leverages genuine PayPal links to deceive recipients, ultimately allowing cybercriminals to gain unauthorized access to users' accounts. The Phishing Tactic The phishing operation involves emails that closely emulate authentic PayPal notifications.
Cybercriminals have launched a sophisticated phishing campaign impersonating CrowdStrike recruiters, aiming to install cryptominer malware on job seekers' devices. By pretending to offer positions at this respected cybersecurity company, perpetrators lure individuals into downloading harmful software. Phishing Tactic Unveiled According to CrowdStrike, this threat was first identified on January
The U.S. Treasury faced a significant cybersecurity breach in December, now linked to Chinese state-sponsored hackers known as Silk Typhoon. This group, also referred to as Hafnium, is reputed for its sophisticated cyberespionage activities. Details of the Breach Date and Method of Attack: The breach was initially publicized by
Japanese authorities, the National Police Agency (NPA) and the Cabinet Cyber Security Center, have attributed a persistent cyber-espionage campaign to "MirrorFace," a hacking group linked to the Chinese state. This operation, ongoing since 2019, primarily aims to extract sensitive information about Japan's technological advancements and national
Japanese electronics company Casio has announced the results of its investigation into a recent ransomware attack that has affected thousands of individuals. In early October 2024, Casio disclosed network disruptions and system failures due to unauthorized access. Ransomware Attack Confirmation Shortly after the initial disclosure, Casio confirmed that a ransomware