The U.S. government announced on Wednesday that it has taken significant action to disrupt a botnet composed of hundreds of small office and home office (SOHO) routers based in the United States. This botnet, referred to as the KV-botnet, is linked to Volt Typhoon, a state-sponsored threat actor associated with…
OpenSSH Vulnerability Exposes Critical Risk to Linux Systems In a significant development for cybersecurity, the maintainers of OpenSSH have issued urgent security updates addressing a severe vulnerability that may allow unauthenticated remote code execution with root-level access on glibc-based Linux systems. This vulnerability, designated CVE-2024-6387 and dubbed "regreSSHion," resides within…
Recent reports indicate that a cyber espionage group with connections to China, known as Velvet Ant, has been exploiting a zero-day vulnerability in Cisco’s NX-OS Software utilized in their switching devices to execute malware. This security gap, identified as CVE-2024-20399 with a CVSS score of 6.0, involves a command injection…
The threat posed by the KV-botnet continues to evolve as operators adapt their tactics in response to increased law enforcement scrutiny from the United States. This malicious network, primarily comprised of compromised small office and home office (SOHO) routers and firewall devices across the globe, has been associated with covert…
A recent report highlights significant job losses within the tech sector, with approximately 32,000 employees affected as of February 2024. This trend follows announcements from major companies such as Google, Amazon, Meta, and Cisco regarding workforce reductions, raising concerns about the impact of artificial intelligence (AI) on employment. In an…
Microsoft has announced the release of security patches addressing a staggering 143 vulnerabilities as part of its latest monthly updates. Among these issues, two have been confirmed to be actively exploited, heightening concerns for organizations relying on Microsoft software. The updates, which categorize five vulnerabilities as Critical, 136 as Important,…
Cisco Issues Critical Security Patches for Vulnerabilities in Smart Software Manager Cisco has rolled out urgent patches to remedy a high-severity security vulnerability in its Smart Software Manager On-Prem (SSM On-Prem). This flaw potentially enables remote, unauthenticated attackers to change passwords for any user accounts, including those belonging to administrators.…
Critical Vulnerability Exposes Adobe Commerce and Magento Stores to Exploits Recent cybersecurity research indicates that a significant 5% of all Adobe Commerce and Magento stores have been compromised due to a serious security vulnerability named CosmicSting. This development underscores the escalating risk that online retailers are facing in the digital…
A prominent data leaker has claimed to have successfully infiltrated Cisco, a leading networking technology firm, and exfiltrated sensitive company data. This discovery has prompted Cisco to initiate an investigation into the incident. Earlier this week, a cybercriminal operating under the alias IntelBroker took to BreachForums, a well-known hacking marketplace,…
