Category: vulnerabilities

LockBit Ransomware Takes Advantage of Critical Citrix Bleed Vulnerability for Infiltration

Recent cybersecurity alerts highlight the exploitation of a critical vulnerability in Citrix NetScaler Application Delivery Controller (ADC) and Gateway appliances by numerous threat actors, including affiliates of the notorious LockBit ransomware group. This new wave of attacks takes advantage of CVE-2023-4966, a severe flaw that has allowed adversaries to infiltrate…

North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack

A recent cybersecurity incident involving a North Korean state-sponsored group known as Diamond Sleet has emerged as a significant threat to businesses. This group has been distributing a compromised version of a legitimate application developed by the Taiwanese company CyberLink, leveraging a supply chain attack to target downstream customers. According…

Mirai Botnet Leverages Zero-Day Vulnerabilities in Routers and NVRs for Large-Scale DDoS Attacks

A recent malware campaign has emerged, exploiting two zero-day vulnerabilities that enable remote code execution (RCE) to integrate routers and video recording devices into a Mirai-based distributed denial-of-service (DDoS) botnet. According to an advisory from Akamai, “The payload specifically targets routers and network video recorders (NVRs) with default admin credentials,…

Konni Group Employs Russian-Language Malicious Word Documents in Recent Attacks

A recent phishing campaign has surfaced, utilizing a Russian-language Microsoft Word document as a vehicle for deploying malware designed to extract sensitive data from compromised Windows systems. This attack has been linked to a threat actor known as Konni, which exhibits connections to the North Korean cyber espionage group identified…

Alert: 3 Major Vulnerabilities Put ownCloud Users at Risk of Data Breaches

Recent advisories from the maintainers of ownCloud have revealed three critical vulnerabilities within their open-source file-sharing software that could lead to unauthorized access, data modification, and exposure of sensitive information. These vulnerabilities pose significant risks to users and require immediate attention. The first flaw, identified as CVE-2023-49103, boasts a CVSS…

Zero-Day Alert: Active Exploitation of New Vulnerability in Google Chrome

Google has distributed critical security updates addressing seven vulnerabilities in its Chrome browser, one of which is a high-severity zero-day that is being actively exploited in the wild. This vulnerability, identified as CVE-2023-6345, is classified as an integer overflow flaw within Skia, an open-source 2D graphics library frequently utilized in web…

GoTitan Botnet Discovered Targeting Recent Apache ActiveMQ Vulnerability

A critical security vulnerability affecting Apache ActiveMQ has recently been revealed, with threat actors actively exploiting it to deploy a new Go-based botnet named GoTitan alongside a remote access tool called PrCtrl Rat. This latter program facilitates remote control of compromised systems. The assaults are centered around a remote code…

CACTUS Ransomware Targets Qlik Sense Vulnerabilities in Focused Attacks

A new ransomware campaign, identified as CACTUS, has been leveraging recently revealed security vulnerabilities within Qlik Sense, a cloud analytics and business intelligence platform. This operation has sparked significant concern among cybersecurity experts, marking the first known use of these vulnerabilities by…

New MIPS Variant of P2PInfect Botnet Targeting Routers and IoT Devices

Recent reports from cybersecurity experts have indicated the emergence of a sophisticated variant of the P2PInfect botnet, which has shown the ability to target both routers and Internet of Things (IoT) devices. This new iteration has been identified by Cado Security Labs as specifically tailored for Microprocessor without Interlocked Pipelined…
