Cyber Security News

December 13, 2022

Citrix strongly urges admins to apply security updates for an ‘Critical’ zero-day vulnerability (CVE-2022-27518) in Citrix ADC and Gateway that is actively exploited by state-sponsored hackers to gain access to corporate networks. This new vulnerability allows an unauthenticated attacker to execute commands remotely on vulnerable devices and take control over them. Citrix is warning admins to install ...

December 13, 2022

The Federal Bureau of Investigation (FBI) and CISA have updated joint Cybersecurity Advisory AA22-335A: #StopRansomware: Cuba Ransomware, originally released on December 01, 2022. The advisory has been updated to include additional indicators of compromise (IOCs). CISA encourages organizations to review the latest update to AA22-335A and apply the recommended mitigations. Read more… Source: U.S. Cybersecurity and Infrastructure Security ...

December 13, 2022

A type of cryptomining malware targeting Linux-based systems has added capabilities by incorporating an open source remote access trojan called Chaos RAT with several advanced functions that bad guys can use to control remote operating systems. Trend Micro security researchers discovered the threat last month. Like earlier, similar versions of the miner that also target Linux ...

December 13, 2022

Apple tracked users without their consent and deserves to be fined €6 million, according to a top advisor to France’s data privacy watchdog. The Commission nationale de l’informatique et des libertés (CNIL) launched an investigation into Apple after a complaint filed by France Digitale, a lobby group supporting startups, accused the company of violating EU privacy ...

December 13, 2022

Fortinet has warned customers to patch immediately against a new vulnerability it said is under active exploitation. The critical-rated vulnerability exists in a VPN product, FortiOS SSL-VPN. In its advisory, the company said the bug is a heap-based buffer overflow. Read more… Source: IT News  

December 12, 2022

Web exploitation and web shells are some of the most common entry points in the current threat landscape. Web servers provide an external avenue directly into your corporate network, which often results in web servers being an initial intrusion vector or mechanism of persistence. Monitoring for exploitation and web shells should be a high priority ...

December 12, 2022

An investigation is underway after a cybersecurity incident involving the California Department of Finance. The California Cyber Security Integration Center (Cal-CSIC) confirmed the incident on Monday but offered few specifics. Officials did note, however, that no state funds had been compromised. Read more… Source: MSN News  

December 12, 2022

Ransomware group Play claims to hold 557GB of data from the city of Antwerp. The local government fell victim to a ransomware attack last week. Play listed the city of Antwerp on its darkweb page on Sunday. The ransomware group uses the page to publicize victims. Play claims to hold 557GB of city data, including passports ...

December 12, 2022

Uber shared further information with BleepingComputer on how its data was stolen in a breach on Teqtivity, which provides asset management and tracking services for the company. Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity ...