Ransomware royale: US confirms Royal, BlackSuit are linked

November 14, 2023 at 09:53AM The FBI and CISA have released guidance on the Royal ransomware operation, suggesting that it may undergo a rebrand. The agencies have observed code overlaps and similarities in intrusion techniques between Royal and BlackSuit ransomware, indicating a potential rebrand or spinoff variant. The advisory provides information on the IOCs and …

FBI: Royal ransomware asked 350 victims to pay $275 million

November 13, 2023 at 03:43PM The Royal ransomware gang has breached over 350 organizations worldwide since September 2022, demanding over $275 million in ransom. They conduct data exfiltration and extortion before encryption and will leak victim data if the ransom is not paid. The gang may be planning a rebranding initiative and a spinoff variant …

CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild

November 9, 2023 at 05:30AM The US cybersecurity agency CISA has warned of threat actors using a Service Location Protocol (SLP) vulnerability to conduct denial-of-service (DoS) attacks with a high amplification factor. The flaw, tracked as CVE-2023-29552, allows unauthenticated remote attackers to register arbitrary services and use spoofed UDP traffic to amplify the magnitude of …

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

November 9, 2023 at 01:09AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities catalog. Tracked as CVE-2023-29552, the flaw could be exploited for denial-of-service attacks with a high amplification factor. Federal agencies are required to apply necessary mitigations by …

In Other News: Airport Taxi Hacking, Post-Quantum Crypto Guidance, Stanford Breach

November 4, 2023 at 12:30PM SecurityWeek’s weekly cybersecurity roundup highlights several significant developments. Stanford University suffered a ransomware attack, resulting in 430 GB of data being stolen. The MOVEit hack compromised around 632,000 email addresses from the US Justice and Defense Departments. The Henry Schein cyberattack was claimed by the BlackCat ransomware group. A link …

Budget Cuts at CISA Could Affect Enterprise Cybersecurity

October 30, 2023 at 04:39PM The US Cybersecurity and Infrastructure Security Agency (CISA) may face budget cuts if efforts to combat disinformation about US elections continue. Cuts could affect CISA’s ability to defend federal networks and aid critical infrastructure against cyberattacks. Cuts would hinder progress in handling increasing attacks, but CISA has been successful in …

US Government Releases Anti-Phishing Guidance

October 19, 2023 at 08:42AM The US cybersecurity agency CISA, along with the NSA, FBI, and MS-ISAC, has released a joint guide on phishing techniques. Threat actors use social engineering to trick victims into revealing their credentials or visiting malicious websites. To mitigate credential theft phishing, organizations are advised to implement strong multi-factor authentication and …

Critical Vulnerabilities Expose Weintek HMIs to Attacks

October 17, 2023 at 09:30AM Weintek’s cMT HMI product has been found to have critical vulnerabilities that could be exploited by attackers. The vulnerabilities allow anonymous users to bypass authentication and execute arbitrary commands. If all vulnerabilities are combined, an attacker could gain full control of the HMI system. Weintek has released patches for affected …

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild

October 17, 2023 at 01:03AM Cisco has issued a warning about a critical security flaw in its IOS XE software that is being actively exploited. The vulnerability, tracked as CVE-2023-20198, allows remote attackers to create an account with high-level access and gain control of affected systems. The flaw only affects enterprise networking gear with the …

CISA, FBI urge admins to patch Atlassian Confluence immediately

October 16, 2023 at 11:08AM CISA, FBI, and MS-ISAC have issued a warning to network administrators to immediately patch their Atlassian Confluence servers due to a critical privilege escalation flaw (CVE-2023-22515) that is actively being exploited. The flaw affects Confluence Data Center and Server 8.0.0 and later versions. Atlassian has released security updates and advised …