November 20, 2024 at 09:39AM The cybercriminal group “Water Barghest” exploits vulnerabilities in IoT devices to create proxy botnets, already compromising over 20,000 devices. Using automated scripts and proprietary malware, they sell these devices on a residential proxy marketplace. This poses significant security challenges, prompting the need for enhanced IoT protection measures. **Meeting Takeaways:** 1. … Read more
November 21, 2023 at 11:41AM Admins who have patched their NetScaler appliances against the Citrix Bleed vulnerability must take additional measures to secure their devices. Citrix advises wiping all previous user sessions and terminating active ones to prevent attackers from accessing compromised devices. The flaw has been actively exploited since late August, and compromised sessions … Read more
November 15, 2023 at 08:58AM The US government has taken down the IPStorm botnet and arrested the man responsible for its operation. The botnet distributed malware to thousands of devices worldwide, allowing cybercriminals to use them for a proxy service. The guilty party, Sergei Makinin, faces up to 10 years in prison and has agreed … Read more
October 19, 2023 at 07:06AM Approximately 40,000 Cisco devices have been hacked through an unpatched vulnerability in the IOS XE. The vulnerability, identified as CVE-2023-20198, allows attackers to escalate privileges and gain control of the system. Cisco has not released patches and warns that the vulnerability has been exploited as a zero-day since mid-September. Vulnerability … Read more
October 17, 2023 at 04:49PM More than 10,000 Cisco IOS XE devices have been compromised and infected with malicious implants through a zero-day bug. The vulnerability has been exploited in attacks on devices running Cisco IOS XE software with the Web User Interface feature and HTTP/HTTPS Server feature enabled. Security company VulnCheck has released a … Read more
October 17, 2023 at 09:20AM Attackers have exploited a critical zero-day bug to compromise and infect Cisco IOS XE devices with malicious implants. Threat intelligence company VulnCheck found thousands of compromised hosts. Cisco has advised administrators to disable the vulnerable HTTP server feature and look for breach indicators. A patch is not yet available. Key … Read more