Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Cisco RCE Vulnerability Affects Security Appliances
Cisco has identified a critical RCE vulnerability, CVE-2024-20353, affecting its Secure Web Appliance and Secure Email Gateway products. Immediate updates are urged.
-
Unnamed APT Exploits Zero-Days in Citrix and Cisco, Targeting Critical Infrastructure
An unnamed advanced persistent threat (APT) group exploited zero-day vulnerabilities in Citrix NetScaler ADC and Gateway, dubbed “CitrixBleed 2,” and a critical flaw in Cisco Identity Service Engine (ISE). The attacks targeted essential identity and network access control infrastructure.
-
Canada Imposes New Sanctions on Russian Drone and Energy Production
Canada has imposed new sanctions on Russia, targeting its drone and energy industries, and infrastructure implicated in cyberattacks against Ukraine. These measures escalate economic pressure aimed at curbing Russia’s ongoing conflict.
-
Microsoft Exchange End-of-Life: Imminent Threats and Migration Urgency
Microsoft Exchange servers 2016 and 2019 are nearing end-of-life this October, posing an imminent threat due to critical vulnerabilities. This advisory follows the Storm-0558 breach, prompting CISA and NSA to issue security best practices. Organizations must migrate and implement robust defenses amidst Microsoft’s Secure Future Initiative.
-
WhatsApp to Face Stricter EU Oversight Under Digital Services Act
The European Commission is set to classify WhatsApp as a ‘very large online platform’ under the Digital Services Act (DSA), imposing stricter regulatory oversight due to its over 45 million monthly active users in the EU. This move mandates enhanced content moderation, transparency, and continuous risk assessment for the messaging service.
-
Russia’s Finance Ministry to Debut Yuan Bonds in December
Russia’s Finance Ministry will issue its first series of government bonds denominated in Chinese yuan next month, diversifying its borrowing portfolio and mitigating Western sanctions amid declining traditional revenue streams and a projected budget deficit.
-
Kremlin Confirms Failed Backchannel Contact with UK Security Adviser
The Kremlin confirmed a brief, unsuccessful backchannel attempt by the UK involving Yury Ushakov and Jonathan Powell, aimed at establishing confidential communication amid European concerns over US disengagement in the Ukraine conflict.
-
European Union Weighs New Intelligence Unit Under Von der Leyen
The European Union is considering a new intelligence unit directly under Commission President Ursula von der Leyen to enhance national intelligence coordination and strengthen its global geopolitical standing.
-
Active Directory Under Siege: Why Critical Infrastructure Remains a Prime Target
Active Directory, the foundational identity and access management service for over 90% of Fortune 1000 companies, remains a critical target for cyber adversaries, especially in essential sectors like critical infrastructure. This article discusses its vulnerabilities, common attack techniques like Golden Ticket and DCSync attacks, and the severe implications of breaches, as illustrated by the 2024…
-
Lavrov Urges US to Accept New START Extension
Russian Foreign Minister Sergei Lavrov urged the United States to accept Moscow’s offer: extend the New START nuclear arms reduction treaty for one year.