Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot...
threatintel
CISA: CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs
CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs Today, CISA, the Federal Bureau of Investigation (FBI),...
LogoFAIL attack can install UEFI bootkits through bootup logos
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they...
Hackers use new Agent Raccoon malware to backdoor US targets
A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States,...
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over...
French government recommends against using foreign chat apps
Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such...
The Week in Ransomware – December 1st 2023 – Police hits affiliates
An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks...
TrickBot malware dev pleads guilty, faces 35 years in prison
On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware,...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on November 28, 2023. These...
CISA: Exploitation of Unitronics PLCs used in Water and Wastewater Systems
Exploitation of Unitronics PLCs used in Water and Wastewater Systems CISA is responding to active exploitation(link is external) of Unitronics...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development
CISA and UK NCSC Unveil Joint Guidelines for Secure AI System Development Today, in a landmark collaboration, the U.S. Cybersecurity...
CISA: CISA Releases First Secure by Design Alert
CISA Releases First Secure by Design Alert Today, CISA published guidance on How Software Manufacturers Can Shield Web Management Interfaces...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Removes One Known Exploited Vulnerability From Catalog
CISA Removes One Known Exploited Vulnerability From Catalog CISA is continually collaborating with partners across government and the private sector....
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on November 30, 2023. These...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS,...
CISA: Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems
Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems CISA has assisted a researcher with coordinating the disclosure of...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
Aladdin – Payload Generation Technique That Allows The Deseriallization Of A .NET Payload And Execution In Memory
Aladdin is a payload generation technique based on the work of James Forshaw (@tiraniddo) that allows the deseriallization of a...
CISA: CISA Removes One Known Exploited Vulnerability From Catalog
CISA Removes One Known Exploited Vulnerability From Catalog CISA is continually collaborating with partners across government and the private sector....
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS,...
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries....
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including...
