Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Network Firewalls, Network Access Control Cisco Talos Links Ongoing Attacks to UAT-9686 Akshaya Asokan (asokan_akshaya) • December 18, 2025 Image: Anucha Cheechang/Shutterstock Recent reports indicate that likely state-sponsored hackers from China are taking advantage of an unpatched vulnerability in Cisco email appliances,…
Recent disclosures from US intelligence agencies reveal an alarming resurgence of a 12-year-old strain of malware, known as “Taidoor.” This variant is believed to be employed by state-sponsored actors from China, targeting a wide array of institutions, including government bodies, corporations, and think tanks. The malware, which has been active…
In a troubling revelation, Facebook has acknowledged that it provided various technology companies and app developers with continued access to user data, despite its public assertions in 2015 that such access had been curtailed. This admission offers a rare glimpse into how the social media giant manages personal information within…
Microsoft Phases Out Vulnerable RC4 Encryption Standard Amid Rising Security Concerns In a significant move towards bolstering cybersecurity, Microsoft has announced the discontinuation of the outdated and insecure RC4 encryption cipher, which has been a default feature in Windows for over 26 years. This decision comes in the wake of…
In a significant update released for January 2024, Microsoft has patched a total of 48 security vulnerabilities across its software ecosystem. This month’s Patch Tuesday includes two flaws classified as Critical and 46 as Important. Notably, there are no indications that any of these vulnerabilities are being actively exploited or…
New Timing Vulnerability Discovered in TLS: Raccoon Attack A recent study has revealed a significant timing vulnerability affecting the Transport Layer Security (TLS) protocol, potentially allowing attackers to compromise encryption and access sensitive communications under specific scenarios. Researchers have labeled this exploit the “Raccoon Attack,” targeting server-side operations in TLS…
Snapchat Source Code Leaked on GitHub: Cybersecurity Implications Unfold Recently, the source code for Snapchat, a widely-used social media application, was unlawfully released online. This breach occurred when a hacker leaked the code on GitHub, a Microsoft-owned code repository. The GitHub account, registered under the name Khaled Alshehri with the…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially included a critical vulnerability affecting Microsoft SharePoint Server in its Known Exploited Vulnerabilities (KEV) catalog, highlighting evidence of active exploitation within various environments. This vulnerability, identified as CVE-2023-29357, has garnered a significant CVSS score of 9.8, indicating its severity and…
Microsoft has disclosed its ongoing efforts to phase out the RC4 cryptographic algorithm, a challenge that has persisted for over a decade. According to Steve Syfuhs, who leads the Windows Authentication team at Microsoft, eliminating an algorithm that has been a part of operating systems for the last 25 years…
