Security News > 2024 > April

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigationWhile it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices' telemetry, it has now been confirmed that this mitigation is ineffectual. Geopolitical tensions escalate OT cyber attacksIn this Help Net Security interview, Andrew Ginter, VP of Industrial Security at Waterfall Security, discusses operational technology cyber attacks and their 2024 Threat Report.

The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server. On Thursday, Japan's CERT published an alert on its vulnerability notes portal warning about the existence of a critical severity flaw in Forminator that may allow a remote attacker to upload malware on sites using the plugin.

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. While most of the malware activity has been based around the Microsoft GitHub URLs, this "Flaw" could be abused with any public repository on GitHub, allowing threat actors to create very convincing lures.

Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the...

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the...

Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data. Ransomware gang starts leaking alleged stolen Change Healthcare data.

CrushFTP warned customers today in a private memo of an actively exploited zero-day vulnerability fixed in new versions released today, urging them to patch their servers immediately. The company also warned customers with servers still running CrushFTP v9 to immediately upgrade to v11 or update their instance via the dashboard.

A new bioadhesive makes it easier to attach trackers to squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks. To celebrate the launch, the threat actor released four private decryption keys that can be used to decrypt files in older attacks, as well as internal information stolen from Cisco in a 2022 attack and passwords for the leaked source code for Gwent, Witcher 3, and Red Engine stolen from CD Projekt in 2021.