Network Security

  • The Risks Of The #Monikerlink Bug In Microsoft Outlook And The Big Picture

    February 14, 2024

    Recently, Check Point Research released a white paper titled “The Obvious, the Normal, and the Advanced: A Comprehensive Analysis of Outlook Attack Vectors”, detailing various attack vectors on Outlook to help the industry understand the security risks the popular Outlook app may bring into organizations. As mentioned in the paper, Check Point researches discovered an interesting ...

  • CVE-2023-47218: QNAP QTS and QuTS Hero Unauthenticated Command Injection (FIXED)

    February 13, 2024

    Rapid7 has identified an unauthenticated command injection vulnerability in the QNAP operating system known as QTS and QuTS hero. QTS is a core part of the firmware for numerous QNAP entry- and mid-level Network Attached Storage (NAS) devices, and QuTS hero is a core part of the firmware for numerous QNAP high-end and enterprise NAS devices. ...

  • Ivanti urges customers to patch yet another critical vulnerability

    February 9, 2024

    In a new blog post, Ivanti says that it has found another vulnerability and urges customers to “immediately take action to ensure you are fully protected”. This vulnerability only affects a limited number of supported versions–Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3. Please read ...

  • AnyDesk confirms cyber attack, revokes certificates as hackers infiltrate systems

    February 5, 2024

    AnyDesk has confirmed it suffered a cyberattack in which hackers were able to compromise its production systems. In a press release published on the company’s website, the remote access provider said it spotted the attack after seeing “indications of an incident” in some of its systems. Subsequent investigation uncovered compromise in the company’s production systems, it ...

  • Volt Typhoon Actors Exploiting Insecure SOHO Routers

    January 31, 2024

    Threat actors—particularly the People’s Republic of China (PRC)—sponsored Volt Typhoon group—are compromising small office/home office (SOHO) routers by exploiting software defects that manufacturers must eliminate through secure software design and development. Specifically, Volt Typhoon actors are exploiting security defects in SOHO routers to use them as launching pads to further compromise U.S. critical infrastructure entities. CISA ...

  • The NSA buys Americans’ internet data, newly released documents show

    January 26, 2024

    The National Security Agency has been buying Americans’ web browsing data from commercial data brokers without warrants, intelligence officials disclosed in documents made public by a US senator Thursday. The purchases include information about the websites Americans visit and the apps that they use, said Oregon Democratic Sen. Ron Wyden, releasing newly unclassified letters he received ...

  • 7777-Botnet Infection Vectors

    January 18, 2024

    In October 2023, the 7777-Botnet was first discussed in a writeup titled, The Curious Case of the 7777-Botnet. The author, supported by other researchers, describes a ~10,000 node botnet that’s purpose is to brute-force Microsoft Azure user credentials. It employs targeted, low-volume methods that are so effective that they were only discovered due to a geolocation ...

  • Actively exploited 0-days in Ivanti VPN are letting hackers backdoor networks

    January 10, 2024

    Unknown threat actors are actively targeting two critical zero-day vulnerabilities that allow them to bypass two-factor authentication and execute malicious code inside networks that use a widely used virtual private network appliance sold by Ivanti, researchers said Wednesday. Ivanti reported bare-bones details concerning the zero-days in posts published on Wednesday that urged customers to follow mitigation ...

  • ‘Lazy’ broadband engineers blamed for exposing hospitals and banks to cyber attacks

    January 2, 2024

    Hospitals and banks are more exposed to cyber attacks because “lazy” broadband engineers are failing to fill in crucial forms, it has been alleged. Industry sources warned of a “Wild West” among contractors who are not handing over information about when and where they are working on BT’s network. Read more… Source: MSN News  

  • Exploring Encrypted Attacks Amidst the AI Revolution

    December 14, 2023

    Zscaler ThreatLabz researchers analyzed 29.8 billion blocked threats embedded in encrypted traffic from October 2022 to September 2023 in the Zscaler cloud, presenting their findings in the Zscaler ThreatLabz 2023 State of Encrypted Attacks Report. According to the Google Transparency Report, encrypted traffic saw a significant rise in the last decade, reaching 95% of global traffic ...