CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

October 11, 2024 at 05:27AM

CISA warns of threat actors exploiting unencrypted persistent cookies in F5 BIG-IP Local Traffic Manager for network reconnaissance. Organizations are advised to encrypt these cookies and use the BIG-IP iHealth diagnostic tool. Meanwhile, joint U.S.-U.K. agencies highlight threats from APT29, a Russian military intelligence group targeting various sectors. …

Experts Warn of Critical Unpatched Vulnerability in Linear eMerge E3 Systems

October 10, 2024 at 08:46AM

Cybersecurity researchers have identified an unpatched vulnerability (CVE-2024-9441) in Nice Linear eMerge E3 access controllers, allowing remote command execution. It has a CVSS score of 9.8. The vendor has not yet provided a fix. Experts advise isolating affected devices and implementing security measures to mitigate risks. …

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

October 10, 2024 at 02:06AM

CISA has added a critical vulnerability (CVE-2024-23113) impacting Fortinet products to its KEV catalog, requiring federal agencies to apply mitigations by October 30, 2024. Meanwhile, Palo Alto Networks disclosed multiple high-risk flaws in Expedition and Cisco patched a critical command execution vulnerability in Nexus Dashboard Fabric Controller. …

CISA says critical Fortinet RCE flaw now exploited in attacks

October 9, 2024 at 06:11PM

CISA announced that attackers are exploiting a critical FortiOS remote code execution vulnerability (CVE-2024-23113), allowing unauthenticated access to unpatched devices. U.S. federal agencies must secure their FortiOS devices within three weeks. Fortinet recommends removing access to the vulnerable fgfmd daemon as a mitigation measure. …

New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks

October 8, 2024 at 05:54PM

A new scanner, created by Marcus Hitchins, is designed to identify devices vulnerable to the CUPS RCE flaw (CVE-2024-47176). By setting up an HTTP server on the scanning machine, the Python script sends custom UDP packets to the network, eliciting responses from vulnerable devices. The generated results aid system administrators …

Casio reports IT systems failure after weekend network breach

October 8, 2024 at 09:40AM

Japanese tech giant Casio experienced a cyberattack on October 5, causing system disruption and impacting some services. Casio confirmed the unauthorized access and is currently unable to share additional details due to ongoing investigations. The company has reported the incident to data protection authorities and promptly implemented measures to restrict …

Salt Typhoon APT Subverts Law Enforcement Wiretapping: Report

October 7, 2024 at 04:06PM

The Chinese state-sponsored APT, Salt Typhoon, reportedly breached major US broadband provider networks, gaining access to lawful intercept infrastructure used by law enforcement for wiretapping. The affected providers include AT&T, Verizon, and Lumen Technologies. Sources suggest the APT had access to internet traffic and targeted entities outside the US. This …

AT&T, Verizon reportedly hacked to target US govt wiretapping platform

October 7, 2024 at 10:56AM

Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, were breached by the Chinese hacking group Salt Typhoon. The attack aimed to gather intelligence from systems used by the U.S. federal government for network wiretapping requests. This sophisticated group has also targeted entities in other countries and utilizes various …

Highline Public Schools confirms ransomware behind shutdown

October 4, 2024 at 04:38PM

Highline Public Schools faced a ransomware attack, prompting the shutdown of all schools in early September. Although the central office remained open, network systems are being rebuilt, and re-imaging of staff and student devices is scheduled for October 14. No specific details of the attack are available, and measures to …

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

October 4, 2024 at 06:00AM

Cloudflare revealed that it fended off a record-setting 3.8 Tbps DDoS attack and multiple other attacks. The attacks, primarily targeting financial, internet, and telecommunication sectors, utilized compromised devices across several countries. Cloudflare attributed the high-rate attacks to botnets exploiting a critical ASUS router flaw. DDoS attacks have surged in frequency, with added …