DDoS Botnets Target Zyxel Vulnerability CVE-2023-28771

In June 2023, FortiGuard Labs detected the propagation of several DDoS botnets exploiting the Zyxel vulnerability (CVE-2023-28771). This vulnerability is characterized by a command injection flaw affecting multiple firewall models that could potentially allow an unauthorized attacker to execute arbitrary Read More …

FakeSG enters the ‘FakeUpdates’ arena to deliver NetSupport RAT

Over 5 years ago, Malwarebytes researchers began tracking a new campaign that they called FakeUpdates (also known as SocGholish) that used compromised websites to trick users into running a fake browser update. Instead, victims would end up infecting their computers Read More …

Victims of Cyberattack on File-Transfer Tool Pile Up

The list of companies hit by a cyberattack on a widely used software tool continues to expand and several victims have filed lawsuits alleging mishandling of data. The continued disclosure of new victims affected by hackers exploiting a vulnerability in Read More …

North Carolina: Kannapolis didn’t alert public when cyberattack knocked out police dispatch

More than a year ago, a cyberattack knocked out the system used in Kannapolis to dispatch police and firefighters. You wouldn’t know that based on what the city told the public. Read more… Source: Yahoo! News  

Many businesses don’t even know they’ve been hit by a security breach

Many businesses don’t know if they have suffered a data breach, and probably wouldn’t be able to spot such an event at all, due to the ever-expanding threat landscape, and notification fatigue among IT staff, new research has claimed. A Read More …

FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware

Symantec’s Threat Hunter Team, a part of Broadcom, recently observed the Syssphinx (aka FIN8) cyber-crime group deploying a variant of the Sardonic backdoor to deliver the Noberus ransomware. While analysis of the backdoor revealed it to be part of the Read More …

CISA Releases Seven Industrial Control Systems Advisories

CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-199-01 Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A ICSA-23-199-02 Keysight N6845A Read More …