Search results for: “network security”
-
Microsoft Exchange End-of-Life: Imminent Threats and Migration Urgency
Microsoft Exchange servers 2016 and 2019 are nearing end-of-life this October, posing an imminent threat due to critical vulnerabilities. This advisory follows the Storm-0558 breach, prompting CISA and NSA to issue security best practices. Organizations must migrate and implement robust defenses amidst Microsoft’s Secure Future Initiative.
-
Active Directory Under Siege: Why Critical Infrastructure Remains a Prime Target
Active Directory, the foundational identity and access management service for over 90% of Fortune 1000 companies, remains a critical target for cyber adversaries, especially in essential sectors like critical infrastructure. This article discusses its vulnerabilities, common attack techniques like Golden Ticket and DCSync attacks, and the severe implications of breaches, as illustrated by the 2024…
-
Russian Initial Access Broker Pleads Guilty in US for Yanluowang Ransomware Attacks
A Russian initial access broker (IAB) pleaded guilty in the United States for facilitating at least seven Yanluowang ransomware attacks, demanding $24 million from American organizations. This case highlights the crucial role of IABs in the cybercriminal ecosystem and international law enforcement efforts to combat ransomware.
-
GootLoader Returns with Novel WOFF2 Font Obfuscation and WordPress Exploits
GootLoader returns with novel WOFF2 font obfuscation and WordPress exploits, rapidly compromising networks. The malware uses custom WOFF2 fonts and exploits WordPress comment sections to deliver malicious payloads.
-
Critical Flaw in Combodo iTop Exposes Systems to Remote Code Execution
A critical security flaw in Combodo iTop, a widely adopted IT service management platform, could allow attackers to achieve remote code execution (RCE) and gain full control over affected systems.
-
North Korean Konni Group Leverages Google’s Find Hub to Wipe Android Devices in Latest Campaigns
North Korea’s Konni Group has escalated its cyber espionage tactics by leveraging Google’s legitimate Find Hub service to remotely wipe Android devices. This sophisticated campaign targets Android and Windows users with data theft and remote control objectives, initiating with spear-phishing emails and deploying the Lilith Remote Access Trojan (RAT).
-
EU Considers Banning Huawei Telecom Equipment for Member States
The European Union is contemplating a ban on Huawei telecommunications equipment for member states, driven by escalating cybersecurity and national security concerns. This move reflects a growing international apprehension regarding the integration of specific foreign technologies into global telecom networks and aims to fortify critical infrastructure against potential vulnerabilities.
-
ClickFix Phishing Campaign Targets Hotel Systems with PureRAT Malware
A sophisticated ClickFix phishing campaign is targeting the global hospitality sector, deploying PureRAT malware to steal sensitive credentials and defraud hotels and customers on booking platforms like Booking.com and Expedia.
-
Germany to Deploy New P-8 Poseidon Sub-Hunting Planes from Norway and Iceland
Germany’s newly acquired P-8A Poseidon maritime patrol aircraft are set to operate from forward bases in Norway and Iceland, significantly bolstering NATO’s surveillance and anti-submarine warfare capabilities across the North Atlantic and Arctic regions.
-
Russia Detains Eight in Bashkortostan Over Alleged Telecom Sabotage Plot
Russian authorities have detained eight individuals in the republic of Bashkortostan, alleging their involvement in a plot to sabotage telecommunications infrastructure. The detentions signal a heightened focus on internal security amidst ongoing international tensions.