News • Insights • Analysis
During a recent incident response, Kaspersky’s GERT team identified a set of TTPs and indicators linked to an attacker that infiltrated a company’s networks by targeting a Fortinet vulnerability for which a patch was already available. This vulnerability is an Read More …
The United States government is taking aim at TP-Link, a Chinese technology company that dominates the home and small-business router market in the U.S., amid mounting national security concerns. With TP-Link holding a significant 65% market share, federal authorities are Read More …
Ivanti has released security advisories addressing vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure. Ivanti Cloud Services Applicance (CSA) is an appliance that provides secure communication and functionality over the internet. Ivanti Connect Secure and Policy Secure are Read More …
The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the Read More …
Zyxel has released a security advisory addressing recent targeting of its firewall products. Attackers have been observed exploiting vulnerabilities patched in September (see Cyber Alert CC-4541) and a previously undisclosed high severity vulnerability. CVE-2024-11667 is a path traversal vulnerability and Read More …
SonicWall has released a security update addressing a vulnerability in the Windows (32 and 64-bit) versions of SonicWall SMA100 NetExtender. SMA100 NetExtender is a virtual private network (VPN) client. This vulnerability tracked as CVE-2024-29014, may allow an attacker to execute Read More …
Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source of these password spray attacks to a network of Read More …
Scientists from China are aiming to create a communication protocol which can help protect traditional encryption methods from quantum computer attacks. Chinese scientists recently presented a draft document at an internal event held in Sweden which showed their attempts at Read More …
The Cyber Security Association of China on Wednesday called for the launch of a systematic review of potential cybersecurity risks in Intel products due to frequent vulnerabilities and high failure rates, in order to effectively safeguard China’s national security and Read More …
DDoS attacks have evolved from simple disruptions into serious threats, with cybercriminals using them to demand ransoms and fill their cryptocurrency wallets. These attackers often operate like modern-day mafiosi, issuing threats and demanding payments. Pay up, or face two outcomes: Read More …
