Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

August 27, 2024 at 10:33AM Volt Typhoon, a China-based cyber espionage group, has been linked to the exploitation of a high-severity security flaw in Versa Director. The attacks hit U.S. and non-U.S. victims in the ISP, MSP, and IT sectors. The flaw allows malicious file uploads, which could enable large-scale supply chain attacks. Recommendations include security mitigations and …

Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

July 16, 2024 at 10:34AM An APT group tracked as Void Banshee exploited a then-unpatched Microsoft zero-day (CVE-2024-38112) in a spear-phishing campaign to spread the Atlantida Stealer across North America, Europe, and Southeast Asia. The group lured victims with malicious files disguised as PDFs in order to extract sensitive data and system information from their machines, taking advantage of unsupported services …

Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

July 16, 2024 at 09:41AM A Trend Micro blog post reveals new details about the exploitation of a Microsoft zero-day flaw by an APT group known as Void Banshee, which is spreading the Atlantida Stealer in a spear-phishing campaign targeting victims in North America, Europe, and Southeast Asia. The attackers use unpatched vulnerabilities in the now-retired Internet …

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

June 12, 2024 at 02:17PM Google released a significant Pixel security update addressing CVE-2024-32896, a zero-day vulnerability exploited in the wild. The update addresses 44 Pixel-specific vulnerabilities, including seven rated critical, and also fixes issues in Qualcomm components. Separately, an actively exploited flaw in the Arm Mali GPU kernel driver, tracked as CVE-2024-4610, has been highlighted. …

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

April 20, 2024 at 01:57AM Palo Alto Networks has disclosed further details on CVE-2024-3400, a critical security flaw in PAN-OS that is being actively exploited by threat actors. The flaw allows an unauthenticated attacker to execute shell commands remotely via a two-stage attack. The company has expanded patches to cover the affected software versions and recommends applying the hotfixes to mitigate potential threats. CISA has …

Palo Alto Networks zero-day exploited since March to backdoor firewalls

April 13, 2024 at 09:01AM Suspected state-sponsored hackers have exploited an unpatched zero-day in Palo Alto Networks firewalls (CVE-2024-3400) since March 26, breaching internal networks to steal data and credentials. Palo Alto Networks released interim mitigations while patches were being completed. Volexity tracked the malicious activity as UTA0218 and detected the 'Upstyle' backdoor, with detailed exploitation methods …

State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls

April 12, 2024 at 04:48PM A zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks firewalls has been exploited by the threat actor 'UTA0218' for over two weeks. The issue permits unauthenticated execution of arbitrary code with root privileges. Palo Alto Networks is expected to release patches by April 14. Organizations are urged to take immediate mitigation steps and be …

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021

January 22, 2024 at 06:12AM Mandiant reports that a Chinese cyberespionage group has exploited a vulnerability in VMware vCenter Server (CVE-2023-34048) as a zero-day since 2021. The flaw allows remote code execution, and the evidence points to UNC3886, a sophisticated China-linked group, as responsible. VMware has released patches and urged customers to apply them promptly. Key Takeaways …