In a recent joint advisory, intelligence agencies from Australia, the U.K., and the U.S. have highlighted critical vulnerabilities that were actively exploited during 2020 and 2021. This report underscores how swiftly threat actors can capitalize on publicly disclosed weaknesses in software, posing a significant risk to various organizations worldwide. The…
Cisco Issues Critical Updates for Vulnerability in Adaptive Security Appliance Cisco Systems announced today that it has rolled out urgent security updates to address a significant vulnerability in its Adaptive Security Appliance (ASA) that has been actively exploited. This issue could result in a denial-of-service (DoS) condition, impacting the Remote…
On November 12, 2024, Microsoft disclosed that two significant security vulnerabilities affecting Windows NT LAN Manager (NTLM) and Task Scheduler have been actively exploited in the wild. These vulnerabilities were part of the November Patch Tuesday update, which addressed a total of 90 security flaws across Microsoft products. Among the…
A security vulnerability in Fortinet’s FortiClient for Windows has been exploited by the threat group known as **BrazenBamboo**, allowing them to extract VPN credentials using a modular framework named **DEEPDATA**. This exploitation was disclosed by Volexity, which reported the zero-day vulnerability’s emergence in July 2024. BrazenBamboo is also linked to…
Litigation, Network Firewalls, Network Access Control, Security Operations Pension Funds Accuse Fortinet of Misleading Market with Optimistic Refresh Forecast Michael Novinson (MichaelNovinson) • October 24, 2025 A pair of class action lawsuits have recently been filed against Fortinet, alleging violations of federal securities laws through misleading claims about a “record”…
On Wednesday, cybersecurity agencies from Australia, the U.K., and the U.S. issued a joint advisory detailing the active exploitation of vulnerabilities in Fortinet and Microsoft Exchange ProxyShell by Iranian state-sponsored threat actors. This exploitation is part of a broader effort to gain initial access into susceptible systems, subsequently enabling activities…
Recent revelations in cybersecurity highlight the increasing prevalence of long-term breaches, which often go unnoticed until substantial damage is done. A striking example is the incident involving F5, a significant player in the application delivery and security space. On August 9, 2025, F5 announced that unidentified threat actors had infiltrated…
Microsoft Wraps Up 2024 Patch Tuesday with Critical Security Fixes Microsoft concluded its Patch Tuesday updates for December 2024, addressing a total of 72 security vulnerabilities across its software ecosystem, including a specific flaw reported as actively exploited in the wild. Of these vulnerabilities, 17 have been classified as Critical,…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Phishing Campaigns Transition from China to Malaysia Targeting Chinese-Speakers Prajeet Nair ( @prajeetspeaks) • October 17, 2025 Image: Shutterstock Recent investigations reveal that a series of coordinated cyberattacks targeting Chinese-speaking individuals across the Asia-Pacific region can be traced back to a single…
