News – November 2024


  • Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices

    November 18, 2024

    There is a big incentive for both espionage motivated actors and financially motivated actors to set up proxy botnets. These can serve as an anonymization layer, which can provide plausibly geolocated IP addresses to scrape contents of websites, access stolen or compromised online assets, and launch cyber-attacks. Examples of proxy botnets set up by advanced persistent ...

  • Palo Alto Releases Critical Security Bulletin for Firewall Devices

    November 18, 2024

    Palo Alto has issued a critical severity security bulletin for an unauthenticated remote command execution vulnerability affecting the management interface for firewall devices. The vulnerability is still under investigation by Palo Alto but has not yet received a CVE designation. Palo Alto has tentatively given the vulnerability an initial CVSSv4 score of 9.3. However, if access ...

  • Don’t Hold Down The Ctrl Key – New Warning As Cyber Attacks Confirmed

    November 18, 2024

    Just as security professionals will tell you that layered defensive strategies are the best when it comes to staving off successful attacks, so attackers will often look to precisely the same when executing their cyber attacks. Two-step phishing attacks have, in the words of security researchers from Perception Point, “become a cornerstone of modern cybercrime,” leveraging ...

  • Philippines, US sign military intelligence-sharing deal to counter China

    November 18, 2024

    The Philippines and the United States have signed a military intelligence-sharing deal, in a further deepening of security ties between the two defence treaty allies as they seek to counter a resurgent China. Secretary of Defense Gilberto Teodoro and his visiting US counterpart Lloyd Austin signed the agreement on Monday during a ceremony at the Department ...

  • T-Mobile Targeted in Chinese Cyber-Espionage

    November 16, 2024

    Chinese hackers feasted on T-Mobile as their latest cyber espionage victim. The leading carrier in the US is not the only company affected as other telecom giants are at risk of getting infiltrated. Hackers linked to a Chinese intelligence agency invaded T-Mobile’s network in a months-long operation designed to monitor cellphone communications of high-value intelligence targets, ...

  • Singapore cyber defenders fight simulated attacks on AI-enabled systems in 4-day exercise

    November 15, 2024

    More technology is moving onto the cloud – meaning its data is hosted on remote servers rather than on personal devices – and integrating artificial intelligence (AI), which opens it up to new kinds of malicious attacks. To improve Singapore’s ability to counter these emerging threats, soldiers from the Singapore Armed Forces (SAF) and civilians from ...

  • Schneider Electric Data Breach Leaks Critical Data, Hellcat Ransomware Group Demands Hefty Ransom in Baguettes

    November 15, 2024

    French digital automation and energy management giant Schneider Electric is investigating a data breach after a hacker claimed they stole dozens of gigabytes and demanded a hefty ransom in Baguettes, a classic popular French bread item. Schneider Electric manufactures various energy management and automation products, from home electrical components to industrial control systems. The Rueil-Malmaison, France-based ...

  • Greece: Technical issue, not cyber attack, behind Hellenic Revenue Service, National Security Service, and National Police websites downtime

    November 15, 2024

    A technical network problem rather than a cyberattack was ultimately responsible for the simultaneous loss of access observed on the afternoon of Thursday, November 14, to websites of ADC and other government agencies. As competent sources told prototheme.gr, after an investigation, it was found that the temporary interruption of access to websites of the State, such ...

  • Сrimeware and financial cyberthreats in 2025

    November 14, 2024

    Kaspersky’s Global Research and Analysis Team constantly monitors known and emerging cyberthreats directed at the financial industry, with banks and fintech companies being the most targeted. Kaspersky researchers also closely follow threats that aim to infiltrate a wider range of industries, namely ransomware families that are financially motivated. These observations, as part of our Kaspersky Security ...

  • Ivanti Releases Security Updates for Multiple Products

    November 14, 2024

    Ivanti has released the following three security advisories addressing vulnerabilities in multiple products. Security Advisory Ivanti Avalanche (Multiple CVEs) – Q4 2024 Release Ivanti Avalanche is a mobile device management solution and is used to remotely manage, deploy software, and schedule updates for enterprise mobile devices. Successful exploitation of five of the vulnerabilities could lead to ...