Security News > 2024

Two zero-day vulnerabilities in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers have discovered. The two security flaws affect all supported versions of Ivanti Connect Secure - formerly known as Pulse Connect Secure - and Ivanti Policy Secure.

The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group....

These assessment services typically test defenses against ten to twenty attack techniques, and only use one variation of each technique. How can teams defend against the huge cloud of possible variations of each attack technique when they don't account for all those variations? This is why I believe purple team assessments must evolve.

A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach fewer than 10 customers. Cybersecurity...

In the cloud, offensive cybersecurity is less about brute force and more about strategic finesse. The approach to offensive cybersecurity becomes more proactive, intelligent, and nuanced.

Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked...

In this Help Net Security video, Bindu Sundaresan, Director at AT&T Cybersecurity, discusses the ongoing changes we'll see from the CISO role as digital transformation efforts continue. It is now a position that leads cross-functional teams to match the speed and boldness of digital transformations with agile, forward-thinking security and privacy strategies, investments, and plans.

APIs power the digital world - our phones, smartwatches, banking systems and shopping sites all rely on APIs to communicate. The seamless integrations that APIs allow for have driven organizations across industries to increasingly leverage them - some more quickly than others.

Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November. "The company has no evidence that any customer-owned system was directly impacted in the incident, and no customer has reported that this has occurred. The last confirmed date of unauthorized third-party activity in the company's network occurred on November 20, 2023."

As Mandiant found during a follow-up investigation into the incident, the attacker used a wallet drainer dubbed CLINKSINK. This same drainer has been used since December to steal funds and tokens from users of Solana cryptocurrency as part of a large-scale campaign involving at least 35 affiliate IDs linked to a shared drainer-as-a-service. Since the start of the year, a massive wave of account breaches has impacted X users, with verified organizations getting hacked to spread cryptocurrency scams and links to wallet drainers.