SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities Nov 07, 2023NewsroomVulnerability / Malware The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, Read more…
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws Nov 07, 2023NewsroomCyber Threat / Malware Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some Read more…
Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software Oct 25, 2023NewsroomThreat Intelligence / Vulnerability The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims’ accounts. “Winter Vivern has stepped up its Read more…
F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability Nov 01, 2023NewsroomVulnerability / Cyber Attack F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure, resulting in the execution of arbitrary system commands as part of an exploit chain. Tracked Read more…
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability Nov 02, 2023NewsroomThreat Intelligence / Vulnerability Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. “In both instances, the adversary attempted to deploy Read more…
[ad_1] Nov 03, 2023NewsroomCloud Security / Linux The threat actors linked to Kinsing have been observed attempting to exploit the recently disclosed Linux privilege escalation flaw called Looney Tunables as part of a “new experimental campaign” designed to breach cloud environments. “Intriguingly, the attacker is also broadening the horizons of Read more…