An unknown threat actor is developing ransomware to lock files and steal data on macOS, and it's not LockBit.
On Wednesday, October 23, 2024, security company Fortinet published an advisory on CVE-2024-47575, a critical zero-day vulnerability affecting their FortiManager network management solution. The vulnerability arises from a missing authentication for a critical function [CWE-306] in the FortiManager fgfmd daemon that allows a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. The vulnerability carries a CVSS v3 score of 9.8.
Threat actors exploit Amazon S3 in ransomware attacks, using AWS credentials for data theft.
ShadyShader: Crashing Apple M-Series Devices with a Single Click
MThe Hunt for Initial Access With the default disablement of VBA macros originating from the internet, Microsoft may be pitching a curveball to threat actors and red […]
Multiple Xerox printers (EC80xx, AltaLink, VersaLink, WorkCentre) were affected by an authenticated remote code execution vulnerability which allowed an attacker with administrative web credentials to fully compromise the devices with root privileges on the operating system.
Mandiant analyzed 138 vulnerabilities that were disclosed in 2023 and that we tracked as exploited in the wild.
Did you know there’s widespread exploitation of FortiNet products going on using a zero day, and that there’s no CVE? Now you do.
It all started with an ESET statement on their official account on "X", wherein they mentioned that their partner company in Israel has gone under a targeted malicious email campaign that they managed to block within 10 minutes.
ESET has launched an investigation after the systems of its official product distributor in Israel were abused to send out emails delivering wiper malware.
The targeted users received an email — signed by ESET’s Advanced Threat Defense (ATD) team — informing them about government-backed attackers trying to compromise their devices.
Researchers uncover flaw in Mallox ransomware, offering free file recovery for early victims
A supply chain hack targeting 100,000 websites was launched to redirect internet users to a massive online gambling network.
Fortinet has released critical security updates for FortiManager, to fix a critical vulnerability that is reportedly being exploited.
Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of Independent States (CIS) region, the successor of the former Soviet Union.
A quirk in the Unicode standard harbors an ideal steganographic code channel.
Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics. Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics.
A case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). This incident is a prime example of how threat actors chain zero-day vulnerabilities to gain initial access to a victim’s network. Learn more.
Analysis of a newly discovered Linux based variant of the DPRK attributed FASTCash malware along with background information on payment switches used in financial networks.
The Vocational Training Center, or Berufsbildungszentrum (BBZ), in the canton of Schaffhausen reported a ransomware attack, making it the latest in a wave against German-speaking schools and universities.
“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.
