New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products
Researchers at offensive cyber solutions provider AmberWolf have disclosed the details of a new attack method that can be leveraged against widely used corporate VPN clients. VPNs are often used by organizations for secure remote access, but the AmberWolf researchers showed that the attack surface they introduce should not be ignored. They also published an […]
Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
A Russia-linked APT actor has been observed chaining two recent zero-day vulnerabilities in Firefox and Windows to deploy a backdoor on the victims’ machines, ESET reports. The hacking group, tracked as RomCom, Storm-0978, Tropical Scorpius, and UNC2596, has been conducting opportunistic and targeted campaigns against various sectors, as part of both espionage and cybercrime operations. […]
Interpol Clamps Down on Cybercrime and Arrests Over 1,000 Suspects in Africa
Interpol arrested 1,006 suspects in Africa during a massive two-month operation, clamping down on cybercrime that left tens of thousands of victims, including some who were trafficked, and produced millions in financial damages, the global police organization said Tuesday. Operation Serengeti, a joint operation with Afripol, the African Union’s police agency, ran from Sept. 2 […]
VMware Patches High-Severity Vulnerabilities in Aria Operations
Virtualization software vendor VMware on Tuesday released a high-severity bulletin with patches for at least five security defects in its Aria Operations product. The company documented five distinct vulnerabilities in the cloud IT operations platform and warned that malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks. Here are the details […]
IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR
IBM on Monday announced patches for multiple vulnerabilities across its products, including two high-severity remote code execution (RCE) issues in Data Virtualization Manager and Security SOAR. Tracked as CVE-2024-52899 (CVSS score of 8.5), the flaw in Data Virtualization Manager for z/OS could allow a remote, authenticated attacker to inject malicious JDBC URL parameters, which could […]
Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways
The US cybersecurity agency CISA on Monday warned of the in-the-wild exploitation of a critical-severity vulnerability in Array Networks’ Array AG and vxAG secure access gateway products. The issue, tracked as CVE-2023-28461 (CVSS score of 9.8), is described as a remote code execution (RCE) flaw that “allows an attacker to browse the filesystem or execute […]
New York Fines Geico and Travelers $11 Million Over Data Breaches
Auto insurance companies Geico and Travelers were fined $11 million in New York over data breaches that impacted the personal information of over 120,000 individuals. The insurance quoting tools of Government Employees Insurance Company (Geico) were targeted in several cyberattacks starting November 2020, leading to the compromise of a public-facing website’s backend and the theft […]
Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites
Two critical vulnerabilities in CleanTalk’s anti-spam plugin for WordPress could allow attackers to execute arbitrary code remotely, without authentication, Defiant warns. The issues, tracked as CVE-2024-10542 and CVE-2024-10781 (CVSS score of 9.8), affect the ‘Spam protection, Anti-Spam, FireWall by CleanTalk’ plugin, which has more than 200,000 active installations. Both flaws could allow remote, unauthenticated attackers […]
Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack
A ransomware attack on supply chain management software provider Blue Yonder has caused significant disruptions for some of the company’s customers, including several major firms. Arizona-based Blue Yonder revealed on November 21 that its managed services hosted environment had been experiencing disruptions due to a ransomware attack. The company immediately launched an investigation and started […]
Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks
Zyxel has issued a fresh warning on threat actors exploiting a recently patched command injection vulnerability in its firewalls after security firms have observed a ransomware group targeting the flaw for initial compromise. The bug, tracked as CVE-2024-42057, could allow remote attackers to execute OS commands on vulnerable devices, without authentication. Zyxel announced patches for […]