Security News

North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns
2023-11-22 12:14

North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations...

Citrix warns admins to kill NetScaler user sessions to block hackers
2023-11-21 16:36

Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks. The commands to run are: kill icaconnection -all; kill rdp connection -all; kill pcoipConnection -all; kill aaa session -all; clear lb persistentSessions.

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
2023-11-21 10:00

The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing...

Mustang Panda Hackers Target Philippines Government Amid South China Sea Tensions
2023-11-21 06:58

The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea....

Why Defenders Should Embrace a Hacker Mindset
2023-11-20 11:02

Today’s security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work...

Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
2023-11-19 16:14

NDSC says that the Russian hackers used a Ngrok free static domain to access the command and control server hosted on their Ngrok instance. A report from Google in October notes that the security issue was exploited by Russian and Chinese state hackers to steal credentials and other sensitive data, as well as to establish persistence on target systems.

Google: Hackers exploited Zimbra zero-day in attacks on govt orgs
2023-11-17 16:04

Google's Threat Analysis Group has discovered that threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. According to Google's threat analysts, the threat actors exploited the vulnerability on government systems in Greece, Moldova, Tunisia, Vietnam, and Pakistan to steal email data, user credentials, and authentication tokens, perform email forwarding, and lead victims to phishing pages.

FBI shares tactics of notorious Scattered Spider hacker collective
2023-11-16 21:55

Scattered Spider attacks have been documented since last summer, when researchers at cybersecurity company Group-IB published a report about a spree of attacks aiming to steal Okta identity credentials and 2FA codes, which had started in March of the same year. The FBI and CISA alert highlights Scattered Spider's powerful initial access tactics, which involve targeting a company's employees by posing as IT or help-desk staff and tricking them into providing credentials or even direct network access.

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
2023-11-16 16:09

A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of...

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
2023-11-16 11:18

A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data...