Tag “Fortinet”

ExelaStealer: The Rise of an Affordable Cybercrime Tool

Emergence of ExelaStealer: A New Player in Cybercrime

A newly identified information-stealing malware, dubbed ExelaStealer, has emerged in a saturated market already teeming with tools designed to exfiltrate sensitive information from compromised Windows systems. This evolving threat, flagged by FortiGuard Labs, showcases how cybercriminals continually adapt their tactics and tools…

Inside Sophos’ Five-Year Battle Against Chinese Hackers Targeting Its Devices

In a revealing report, UK cybersecurity firm Sophos has highlighted a prolonged and intricate battle with a group of hackers based in Chengdu, China. This confrontation, which has persisted for over five years, underscores a troubling reality in the cybersecurity landscape: devices that are designed to shield organizations from cyber…

China-Linked Hackers Capitalize on Fortinet Vulnerability, Compromising 20,000 Systems Worldwide

Recent reports reveal that state-sponsored hackers, associated with China, successfully compromised 20,000 Fortinet FortiGate systems globally by exploiting a critical vulnerability between 2022 and 2023. This breach appears to have far-reaching implications that were previously underestimated. The Dutch National Cyber Security Centre (NCSC) disclosed that the attackers had prior knowledge…

Microsoft Releases Patches for 51 Vulnerabilities, Featuring a Critical MSMQ Flaw

Microsoft Addresses 51 Vulnerabilities in June Patch Tuesday Update

In its latest Patch Tuesday update for June 2024, Microsoft has rolled out security updates to address 51 vulnerabilities across its products. Among these, one vulnerability has been classified as Critical, while the remaining 50 are deemed Important. This release also…

UNC3886 Employs Fortinet and VMware 0-Day Exploits Alongside Stealth Techniques for Prolonged Espionage

Chinese Cyber Espionage Group Exploits Vulnerabilities in Major Tech Platforms

A sophisticated cyber espionage campaign linked to the Chinese threat actor UNC3886 has been identified, involving the exploitation of zero-day vulnerabilities within widely used technologies such as Fortinet, Ivanti, and VMware systems. Recent findings highlight that the attackers have been…

UNC5820 Exploits Zero-Day Vulnerability in FortiManager (CVE-2024-47575)

In a troubling development for cybersecurity, Fortinet, in collaboration with Mandiant, has uncovered a widespread exploitation of FortiManager devices linked to CVE-2024-47575. This vulnerability has compromised over 50 systems across various sectors, with the threat group known as UNC5820 leveraging the flaw to facilitate data theft and unauthorized access. The…

FortiGate Administrators Report Active Exploitation of 0-Day Vulnerability, Vendor Remains Silent.

Fortinet, a prominent provider of network security solutions, has recently come under scrutiny for concealing a significant vulnerability that has reportedly been exploited by attackers to execute unauthorized code on servers belonging to sensitive organizations. This silence persisted for over a week, raising concerns among users and cybersecurity experts alike…

U.S. Federal Authorities Disable China-Linked “KV-Botnet” Aimed at SOHO Routers

The U.S. government announced on Wednesday that it has taken significant action to disrupt a botnet composed of hundreds of small office and home office (SOHO) routers based in the United States. This botnet, referred to as the KV-botnet, is linked to Volt Typhoon, a state-sponsored threat actor associated with…

Microsoft’s July Update Addresses 143 Vulnerabilities, Including Two Currently Under Attack

Microsoft has announced the release of security patches addressing a staggering 143 vulnerabilities as part of its latest monthly updates. Among these issues, two have been confirmed to be actively exploited, heightening concerns for organizations relying on Microsoft software. The updates, which categorize five vulnerabilities as Critical, 136 as Important,…