Salt Typhoon’s surge extends far beyond US telcos

November 27, 2024 at 06:54PM The China-linked Salt Typhoon gang, known for targeting U.S. telecommunications, has expanded globally since 2023, affecting over 20 organizations across various sectors. Their toolkit includes new malware called GhostSpider and the Demodex rootkit. Their tactics involve exploiting server vulnerabilities and using legitimate tools for stealthy infiltration and espionage.

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

November 27, 2024 at 01:04AM A threat actor named Matrix has initiated a large-scale DDoS campaign by exploiting vulnerabilities in IoT devices, primarily targeting IP addresses in China and Japan. This operation utilizes publicly available scripts, promotes a DDoS-for-hire service via Telegram, and highlights the need for improved security practices to mitigate such attacks.

CISA Urges Agencies to Patch Critical “Array Networks” Flaw Amid Active Attacks

November 26, 2024 at 12:48AM The U.S. CISA added a critical vulnerability (CVE-2023-28461) affecting Array Networks AG to its KEV catalog due to active exploitation. The flaw allows remote code execution without authentication. Agencies are urged to apply patches by December 16, 2024, as the China-linked group Earth Kasha exploits similar vulnerabilities.

DOJ: Man hacked networks to pitch cybersecurity services

November 25, 2024 at 02:29PM Nicholas Michael Kloster, a 31-year-old from Kansas City, was indicted for hacking into a health club and a nonprofit to promote his cybersecurity services. His actions caused $5,000 in damages and included unauthorized access, data manipulation, and identity theft. He faces potential sentences totaling 15 years in prison if convicted.

Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks

November 25, 2024 at 12:56PM Zyxel warns that threat actors are exploiting a patched command injection vulnerability (CVE-2024-42057) in its firewalls, allowing remote code execution. A ransomware group, Helldown, has targeted affected devices. Users must upgrade to firmware 5.39 as earlier versions are susceptible to attacks. Immediate action is advised for optimal protection.

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 18 – Nov 24)

November 25, 2024 at 06:27AM This week’s cybersecurity recap emphasizes the pervasive digital risks we face daily, from telecom breaches to critical vulnerabilities in software. Key incidents include attacks by Liminal Panda and exploits of Palo Alto Networks’ flaws. Staying informed and prepared can mitigate risks and enhance cybersecurity, benefiting everyone, not just experts.

Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack

November 25, 2024 at 04:54AM A Russian cyberespionage group executed a Nearest Neighbor Attack to infiltrate Organization A’s network via Wi-Fi, after compromising a nearby organization. Investigated by Volexity, the attack involved credential theft and sophisticated methods like using Microsoft’s Cipher.exe to erase traces. The incident highlights Wi-Fi security vulnerabilities for organizations.

Russian spies may have moved in next door to target your network

November 24, 2024 at 08:37PM Volexity reported a “nearest neighbor attack” by Kremlin-backed hackers APT28, compromising networks via neighboring organizations’ Wi-Fi without MFA. Cisco warns of an expiring internal certificate risking device management. Microsoft seized 240 phishing sites linked to a suspect. Helldown ransomware targets Linux, and Jupyter Notebooks are hijacked for illegal sports streaming.

1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole

November 22, 2024 at 04:31PM Attackers exploited two recently patched vulnerabilities in Palo Alto Networks firewalls, initially compromising around 2,000 devices, a count that later fell to about 800. They deployed backdoors, malware, and cryptocurrency miners. The vulnerabilities enabled remote code execution, and the vendor continues to reference only a “limited number” of affected systems.

Here’s what happens if you don’t layer network security – or remove unused web shells

November 21, 2024 at 08:18PM The US Cybersecurity and Infrastructure Agency (CISA) simulated a cyber attack on a critical infrastructure provider, exploiting vulnerabilities to gain extensive access. They highlighted lessons learned, emphasizing the need for better detection controls, ongoing staff training, and leadership to prioritize addressing known vulnerabilities to prevent future breaches.