Cisco warns of VPN zero-day exploited by ransomware gangs
The medium severity zero-day allows unauthorized remote attackers to conduct brute force attacks against existing accounts
Read More...
Outlook Hack: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
A consumer signing system crash in April of 2021 resulted in a snapshot of the crashed process
Read More...
FBI warns of patched Barracuda ESG appliances still being hacked
Tracked as CVE-2023-2868, the vulnerability was first exploited in October 2022 to backdoor ESG appliances and steal data from the compromised systems
Read More...
Akira ransomware targets Cisco VPNs to breach organizations
Akira has been using compromised Cisco VPN accounts to breach corporate networks without needing to drop additional backdoors
Read More...
Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign
More than 1,200 servers were backdoored before administrators installed the patch for the vulnerability
Read More...
Rhysida ransomware behind recent attacks on healthcare
They primarily attack education, government, manufacturing, and technology and managed service provider sectors
Read More...
Barracuda warns of email gateways breached via zero-day flaw
The company advises organizations to review their environments to confirm the threat actors did not spread to other devices on the network
Read More...
New Cactus ransomware encrypts itself to evade antivirus
Researchers found that Cactus obtains initial access into the victim network by exploiting known vulnerabilities in Fortinet VPN appliances
Read More...
IRS-authorized eFile.com tax return software caught serving JS malware
Security researchers state the malicious JavaScript file existed on eFile[.]com website for weeks
Read More...
New AlienFox toolkit steals credentials for 18 cloud services
Threat actors use AlienFox to collect lists of misconfigured cloud endpoints from security scanning platforms like LeakIX and SecurityTrails
Read More...