Mind your header! There’s nothing refreshing about phishers’ latest tactic

September 12, 2024 at 05:24AM Palo Alto’s Unit 42 threat intel team warns of a rising tactic used by phishers to steal victims’ credentials. They identified over 2,000 large-scale phishing campaigns abusing HTTP header refresh entries to redirect visitors to malicious websites. The phishing attacks primarily target business and economy sectors, highlighting the need for …

TeamViewer can’t bring itself to say someone broke into its network – but it happened

June 27, 2024 at 08:43PM TeamViewer detected an irregularity in its corporate IT environment, promptly called in cybersecurity investigators, and implemented remediation measures. While TeamViewer downplays the incident, NCC Group suggests a compromise by an advanced persistent threat (APT) group. The health sector has been warned of ongoing exploitation by APT29. Investigations are ongoing. Potential impact on customer data …

Attacks Surge on Check Point’s Recent VPN Zero-Day Flaw

June 6, 2024 at 04:36PM A recent spike in exploit activity is targeting a critical flaw (CVE-2024-24919) in Check Point’s VPN technology. Attack attempts began in April, with a major increase after a public proof-of-concept was released. Over 13,000 exposed systems are at risk, prompting urgent patching. The US government has issued a deadline for …

Critical Fluent Bit bug affects all major cloud providers, say researchers

May 21, 2024 at 01:54PM Infosec researchers have flagged a critical vulnerability (CVE-2024-4323) in Fluent Bit, a widely used logging component. Tenable discovered the flaw, which could lead to denial of service, information leakage, and remote code execution. The issue affects versions 2.0.7 through 3.0.3 and may compromise the security of major cloud providers and blue …

AnyDesk revokes signing certs, portal passwords after crooks sneak into systems

February 5, 2024 at 01:34PM AnyDesk acknowledged an IT security incident in which criminals breached its systems. Though not related to ransomware, the intrusion compromised the code signing certificate, posing a threat of malware being distributed as legitimate software. The company has taken steps to address the situation, including revoking security certificates, recommending password changes, and hiring …