DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign 

September 5, 2024 at 07:12AM

Multiple threat groups have exploited two old vulnerabilities in DrayTek VigorConnect management software to target organizations worldwide. The flaws allow attackers to download arbitrary files with root privileges. Exploitation attempts spiked in August, prompting CISA to add the vulnerabilities to its KEV catalog. The attacks seem broad and not targeting …

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

May 7, 2024 at 09:57AM

Iranian state-backed hacking group APT42 utilizes advanced social engineering tactics to breach target networks and cloud environments. The group impersonates journalists and event organizers to gain trust and steal credentials, operating as part of the larger APT35 group. Their operations involve extensive credential harvesting and data exfiltration while evading detection. …

Volt Typhoon Seen Exfiltrating Sensitive OT Data

February 20, 2024 at 09:03AM

The industrial cybersecurity firm Dragos has identified Volt Typhoon, a hacker group linked to the Chinese government, as a serious threat to organizations using industrial control systems (ICS) or operational technology (OT). The group’s cyberespionage activities and potential for disruption in critical infrastructure are highlighted in Dragos’ 2023 ICS/OT Cybersecurity …

North Korean State Actors Attack Critical Bug in TeamCity Server

October 19, 2023 at 04:33PM

North Korean state-backed threat groups, Diamond Sleet and Onyx Sleet, are exploiting a critical vulnerability in JetBrains TeamCity server to carry out cyber espionage, data theft, and other malicious activities. Over 30,000 organizations, including Citibank, Nike, and Ferrari, use TeamCity. The vulnerability allows attackers to gain administrative privileges and execute …