Intel

Cisco has issued a new advisory concerning the active exploitation of a ten-year-old security flaw in its Adaptive Security Appliance (ASA) software. The vulnerability, identified as CVE-2014-2120, poses a potential risk for cross-site scripting (XSS) attacks through ASA's WebVPN. Vulnerability Overview CVE-2014-2120, with a CVSS score of 4.

A sophisticated cyber assault by the threat group APT-C-60 has recently targeted an unnamed Japanese organization, exploiting a vulnerability in WPS Office to deploy the SpyGlace backdoor. This attack occurred in August 2024, leveraging job application-themed phishing tactics to infiltrate the system, as reported by JPCERT/CC. Attack Methodology The

In recent developments, the Matrix botnet has been identified as the driving force behind an extensive distributed denial-of-service (DDoS) campaign. This operation exploits security weaknesses and misconfigurations in Internet of Things (IoT) devices, integrating them into a potent botnet capable of significant disruptions. Comprehensive Setup According to Assaf Morag, director

In a recent security breach analysis, experts uncovered a unique variant of the Mimic ransomware, dubbed "Elpaco." This advanced threat exploits the Zerologon (CVE-2020-1472) vulnerability for privilege escalation after infiltrating servers via Remote Desktop Protocol (RDP) through a brute-force attack. The intriguing twist with this ransomware is its

In a concerning development for Japan's cyber landscape, Trend Micro has uncovered a spear-phishing operation that emerged in June 2024, demonstrating sophisticated techniques linked to the notorious Earth Kasha group. Spear-Phishing Campaign The campaign demonstrates advanced spear-phishing tactics, targeting specific entities in Japan. Timeline and Location Active since

The FBI, CISA, and ACSC have released an updated security advisory concerning the BianLian cybercrime group, highlighting a significant shift in their attack methods. Background on BianLian's Operations BianLian, believed to operate primarily out of Russia, has been a persistent threat to critical infrastructure sectors in the U.

Security researchers at Checkmarx have unveiled a sophisticated supply chain attack enduring for over a year, embedding malicious code within the software package @0xengine/xmlrpc. Initially appearing as a legitimate XML-RPC tool, it later transformed into a vector for crypto mining and data theft. Duration and Updates The package operated

QNAP has urgently issued security updates to patch several critical vulnerabilities affecting its NAS devices and routers. Among these are severe flaws that could lead to unauthorized access and remote code execution. Users are strongly advised to apply these updates immediately to protect their systems. Notes Station 3 Security Flaws

Earth Estries, a cyber threat group associated with China, has been observed deploying a newly identified backdoor, GHOSTSPIDER, in its targeted attacks against Southeast Asian telecommunications firms. According to Trend Micro, this advanced persistent threat (APT) group is employing sophisticated strategies to penetrate multiple industries. Targeted Sectors and Geographical Spread