Content Paint

Intel

Codefinger Ransomware Targets AWS to Encrypt S3 Buckets in Latest Attack

The Halcyon RISE Team has discovered a sophisticated ransomware campaign by a threat actor known as "Codefinger." This new attack targets Amazon S3 buckets, utilizing AWS’s Server-Side Encryption with Customer-Provided Keys (SSE-C) to lock data and demand ransom for the decryption keys.

Attack Mechanism: The campaign leverages

Fortinet warns of auth bypass zero-day exploited to hijack firewalls

A newly discovered zero-day vulnerability in FortiOS and FortiProxy systems is being actively exploited by cybercriminals to compromise Fortinet firewalls, posing a severe risk to enterprise network security.

Vulnerability Details and Exploitation

Type of Vulnerability: Authentication Bypass
Affected Products: FortiOS and FortiProxy
Impact: Unauthorized access and potential control hijacking of

Russian-Affiliated Hackers Use HATVIBE Malware in Espionage Efforts Against Kazakhstan

In a significant cyber espionage campaign attributed to Russian entities, hackers have been actively targeting Kazakhstan to harvest economic and political intelligence. This operation is believed to be orchestrated by the cyber group UAC-0063, considered to overlap with the notorious APT28, linked to Russia's military intelligence, the GRU.

Muddling Meerkat Tied to Domain Spoofing in Widespread Global Spam Scams

In a detailed report, cybersecurity firm Infoblox has unveiled the sophisticated use of domain spoofing in worldwide spam operations. This discovery emerged from a collaborative cybersecurity study focused on the Chinese Great Firewall, specifically addressing activities by a threat actor dubbed "Muddling Meerkat." Initially, the research aimed to

Wiz Research Discovers Active Exploitation of Aviatrix Controller RCE (CVE-2024-50603)

A new remote code execution (RCE) vulnerability, tracked as CVE-2024-50603, has been discovered in Aviatrix Controller, posing significant risks to cloud environments. This severe vulnerability allows unauthenticated attackers to execute arbitrary commands through improperly sanitized user inputs, earning it a maximum CVSS score of 10.0. Patches have been released

China's UNC5337 Exploits Critical Ivanti RCE Vulnerability in Repeated Attacks

A Chinese cyber adversary known as UNC5337 has resumed its focus on uncovering vulnerabilities within Ivanti remote access devices, marking another chapter in a series of security challenges faced by the IT vendor. This latest threat leverages a critical remote code execution (RCE) vulnerability discovered in Ivanti’s products, reigniting

Microsoft Files Lawsuit Against Hacking Group Abusing Azure AI for Malicious Content Creation

Unmasking the Threat

Microsoft has taken a significant step in its cybersecurity efforts by initiating legal proceedings against a "foreign-based threat actor group" involved in bypassing safeguards of its AI services to create harmful content. The company’s Digital Crimes Unit (DCU) reports that these adversaries have developed

New PayPal Phishing Campaign Targets and Hijacks User Accounts

A recent investigation by cybersecurity firm Fortinet has uncovered a sophisticated phishing scheme targeting PayPal users. This campaign leverages genuine PayPal links to deceive recipients, ultimately allowing cybercriminals to gain unauthorized access to users' accounts.

The Phishing Tactic

The phishing operation involves emails that closely emulate authentic PayPal notifications.

Phishing Campaigns Use Fake CrowdStrike Recruiters to Spread Malware

Cybercriminals have launched a sophisticated phishing campaign impersonating CrowdStrike recruiters, aiming to install cryptominer malware on job seekers' devices. By pretending to offer positions at this respected cybersecurity company, perpetrators lure individuals into downloading harmful software.

Phishing Tactic Unveiled

According to CrowdStrike, this threat was first identified on January
