On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a second vulnerability affecting BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) solutions to its Known Exploited Vulnerabilities (KEV) catalog. This decision follows the identification of ongoing exploitation of the flaw in real-world environments. The…
Recent reports have highlighted a concerning campaign targeting Fortinet FortiGate firewalls with exposed management interfaces on the public internet. Released by cybersecurity firm Arctic Wolf, this analysis reveals significant unauthorized access to these critical devices. The attackers were able to log in as administrators, create new accounts, authenticate through SSL…
On Thursday, the Russian government issued an alert regarding ongoing cyber attacks aimed at critical infrastructure within the country, coinciding with the intensification of its military actions in Ukraine. This development marks a notable increase in cybersecurity threats that could affect a variety of sectors, prompting deeper concerns among business…
New Malware Exposed as Iranian APT Group Targets Global Networks Cybersecurity agencies from the United States and the United Kingdom have revealed new malware attributed to the Iranian government-sponsored advanced persistent threat (APT) group known as MuddyWater. This malware is reported to facilitate attacks against both government and commercial networks…
Generative AI is poised to empower individuals to perpetrate advanced phishing attacks, which will only be thwarted by next-generation multi-factor authentication devices. In 2023, ransomware incidents soared to unprecedented levels, resulting in record-breaking damages. Weekly headlines highlighted high-profile organizations such as MGM, Johnson Controls, Clorox, Hanes Brands, and Caesars Palace,…
Microsoft has recently revealed a concerning escalation in cyberattacks targeting Ukraine’s digital infrastructure. This unprecedented wave of assaults coincided with Russia’s initial missile strikes last week, highlighting a strategic and calculated effort to disrupt critical services within the country. The tech giant’s Threat Intelligence Center (MSTIC) reported that these attacks…
Cybersecurity Alert: Network Breach at U.S. State Government Organization The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a significant cybersecurity breach affecting an unnamed state government organization’s network. The breach was executed through the exploitation of an administrator account linked to a former employee, highlighting the vulnerabilities associated…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a critical vulnerability in the widely used jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog due to ongoing exploitation concerns. This security flaw, identified as CVE-2020-11023, poses medium-level severity, scored between 6.1 and 6.9 on the Common Vulnerability…
On Monday, the U.S. government reiterated its warnings regarding the likelihood of cyberattacks from Russia, believed to be a retaliatory response to the extensive economic sanctions imposed by Western nations following the country’s recent invasion of Ukraine. President Joe Biden indicated that the evolving intelligence suggested that the Russian government…
