Update: Researchers Released Exploit Code for Actively Exploited Palo Alto Networks PAN-OS Bug

/in

Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls.

Cyware News – Latest Cyber News – ​Read More

Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread

/in

Recently, FortiGuard Labs observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and the Gafgyt Variant.

Cyware News – Latest Cyber News – ​Read More

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

/in

Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.

Security Latest – ​Read More

‘Sandworm’ Group Is Russia’s Primary Cyberattack Unit in Ukraine

/in

But even with that focus, the sophisticated threat group has continued operations against targets globally, including the US, says Google’s Mandiant.

darkreading – ​Read More

BreachForums Down, But Not Out: Hackers Claim Attack, Admins Remain Unfazed

/in

The domain of the notorious BreachForums data leak and hacking forum has been taken down by rival threat actors. The threat actor group, R00TK1T, along with the Cyber Army of Russia, announced a breach of user data following the takedown.

Cyware News – Latest Cyber News – ​Read More

Misinformation and Hacktivist Campaigns Targeting the Philippines Skyrocket

/in

Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber activity targeting the Philippines in Q1 2024, increasing nearly 325% compared to the same period last year.

Cyware News – Latest Cyber News – ​Read More

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

/in

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024.
“These attacks all appear to be originating from TOR exit nodes and a range of other anonymizing tunnels and proxies,” Cisco Talos said.
Successful attacks could

The Hacker News – ​Read More

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering

/in

To craftily pose as its chosen personas, TA427 uses a few tactics including DMARC abuse in concert with free email addresses, typosquatting, and private email account spoofing.

Cyware News – Latest Cyber News – ​Read More

Israeli Defense Forces Hold Hybrid Cyber & Military Readiness Drills

/in

Israel prepares for a response to Iran’s April 14 drone and missile attack.

darkreading – ​Read More

Delinea Fixes Flaw, But Only After Analyst Goes Public With Disclosure First

/in

Delinea rolls out Secret Server SOAP API flaw fixes, while researcher claims the vendor ignored his findings for weeks.

darkreading – ​Read More