Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.
Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration.
Read more…
Source: TechCrunch News
Related:
- UK: Hacking gang BlackCat says it stole data trove from the Barts Health NHS Trust
June 30, 2023
A gang of cybercriminals says it has breached one of the UK’s largest hospital groups and is threatening to publish a trove of its confidential data. The gang, known as ALPHV or BlackCat, posted a statement on Friday claiming it had obtained seven terabytes of internal documents from the Barts Health NHS Trust, which manages five ...
- CISA Releases Nine Industrial Control Systems Advisories
June 29, 2023
CISA released nine Industrial Control Systems (ICS) advisories on June 29, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-180-01 Delta Electronics InfraSuite Device Master ICSA-23-180-02 Schneider Electric EcoStruxure ICSA-23-180-03 Ovarro TBox RTUs Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- 2023 CWE Top 25 Most Dangerous Software Weaknesses
June 29, 2023
The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2023 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses. The CWE Top 25 is calculated by analyzing public vulnerability data in the National Vulnerability Data (NVD) for root cause mappings to ...
- Paracetamol maker Granules India flags significant operations hit from cyber attack
June 29, 2023
Granules India on Thursday warned of a significant loss of revenue and profitability due to a cyber security attack that the pharmaceuticals company faced late last month. Due to significant changes in its IT systems, the IT security incident caused a major disruption in its business operations, the Paracetamol maker said in an exchange filing. Read more… Source: ...
- Virtual kidnapping: How AI voice cloning tools and Chat GPT are being used to aid cybercrime and extortion scams
June 28, 2023
New technologies, such as artificial intelligence (AI) and machine learning (ML), are typically developed to boost productivity, increase efficiency, and make our lives easier. Unfortunately, cybercriminals have also found ways to exploit them for ill gain. Recently, malicious actors have abused AI technology to accurately impersonate real people as part of their attacks and scams. Cases ...
- Manic Menagerie 2.0: The Evolution of a Highly Motivated Threat Actor
June 28, 2023
Unit 42 researchers discovered an active campaign that targeted several web hosting and IT providers in the United States and European Union from late 2020 to late 2022. Unit 42 tracks the activity associated with this campaign as CL-CRI-0021 and believes it stems from the same threat actor responsible for the previous campaign known as ...