Chinese Cyber Espionage Group Exploits Vulnerabilities in Major Tech Platforms A sophisticated cyber espionage campaign linked to the Chinese threat actor UN3886 has been identified, involving the exploitation of zero-day vulnerabilities within widely used technologies such as Fortinet, Ivanti, and VMware systems. Recent findings highlight that the attackers have been…
In a troubling development for cybersecurity, Fortinet, in collaboration with Mandiant, has uncovered a widespread exploitation of FortiManager devices linked to CVE-2024-47575. This vulnerability has compromised over 50 systems across various sectors, with the threat group known as UNC5820 leveraging the flaw to facilitate data theft and unauthorized access. The…
Fortinet, a prominent provider of network security solutions, has recently come under scrutiny for concealing a significant vulnerability that has reportedly been exploited by attackers to execute unauthorized code on servers belonging to sensitive organizations. This silence persisted for over a week, raising concerns among users and cybersecurity experts alike…
The U.S. government announced on Wednesday that it has taken significant action to disrupt a botnet composed of hundreds of small office and home office (SOHO) routers based in the United States. This botnet, referred to as the KV-botnet, is linked to Volt Typhoon, a state-sponsored threat actor associated with…
Microsoft has announced the release of security patches addressing a staggering 143 vulnerabilities as part of its latest monthly updates. Among these issues, two have been confirmed to be actively exploited, heightening concerns for organizations relying on Microsoft software. The updates, which categorize five vulnerabilities as Critical, 136 as Important,…
Artificial Intelligence (AI) is transforming society in numerous beneficial ways, yet it has also become a tool exploited by cybercriminals to perpetrate nefarious activities. Threat actors, both seasoned and novice, leverage AI to enhance their data-gathering capabilities and to generate convincing phishing communications, thereby streamlining their malicious endeavors. As a…
Palo Alto Networks has issued an urgent warning regarding a critical vulnerability affecting its PAN-OS software utilized in GlobalProtect gateways, noting that this flaw is currently being actively exploited in the wild. Designated as CVE-2024-3400, this vulnerability carries a maximum CVSS score of 10.0, underscoring its potential severity and urgency…
A recent malware campaign has targeted Cisco networking equipment, exploiting two previously unknown vulnerabilities identified as zero-day flaws to deliver customized malware and conduct covert data collection in targeted environments. Cisco Talos, naming this operation “ArcaneDoor,” has attributed the attacks to UAT4356, an advanced state-sponsored group also known as Storm-1849…
A recently identified vulnerability in VMware ESXi hypervisors has been under active exploitation by several ransomware groups, raising significant concerns among cybersecurity experts. The flaw, detailed under CVE-2024-37085 and assigned a CVSS score of 6.8, enables attackers to bypass Active Directory integration authentication, thus granting them illicit administrative access to…
