Cato Networks to Present on AI and SASE at Cloud Expo Europe and DevOps Live

Cato Networks to Present on AI and SASE at Cloud Expo Europe and DevOps Live

Cato Networks, provider of the world’s leading single-vendor SASE platform, today announces that Senior Director of Security Strategy, Etay Maor, and ​​Director of Product Marketing, Greg Duffy, will be speaking at the upcoming Tech Show London, within its Cloud Expo Europe and DevOps Live co-located events.  Taking place on the 6th – 7th of March at … Read more

Zyxel Firewall Flaw Let Attackers Execute Remote Code

Zyxel Firewall Flaw Let Attackers Execute Remote Code

Four new vulnerabilities have been discovered in some of the Zyxel Firewall and access point (AP) versions that are associated with Denial of Service, OS Command Injection, and Remote code execution. These vulnerabilities have been assigned with CVE-2023-6397, CVE-2023-6398, CVE-2023-6399, and CVE-2023-6764. The severity of these vulnerabilities ranges between 6.5 (Medium) and 8.1 (High). However, … Read more

Hackers Abuse Telegram API To Exfiltrate User Information

Hackers Abuse Telegram API To Exfiltrate User Information

Attackers have been using keywords like “remittance” and “receipts” to spread phishing scripts using Telegram to steal user data indiscriminately. In the past, phishing script files were disseminated using various strategies and techniques, like asking users to log in before they can access protected files or pretending to be the Microsoft login page. Hence, the … Read more

ThreatHunter.ai Stops Hundreds of Attacks in 48 Hours: Fighting Ransomware and Nation-State Cyber Threats

ThreatHunter.ai Stops Hundreds of Attacks in 48 Hours: Fighting Ransomware and Nation-State Cyber Threats

The current large surge in cyber threats has left many organizations grappling for security so ThreatHunter.ai is taking decisive action. Recognizing the critical juncture at which the digital world stands, ThreatHunter.ai is now offering their cutting-edge cybersecurity services free of charge to all organizations for 30 days, irrespective of their current cybersecurity measures.  James McMurry, … Read more

WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking

WordPress Plugin Flaw Exposes 200,000+ Websites for Hacking

A critical security flaw has been identified in the Ultimate Member plugin for WordPress, which could potentially put over 200,000 websites at risk. The vulnerability was discovered by Christiaan Swiers and reported through the Wordfence Bug Bounty Program, earning him a bounty of $2,063.00. The flaw in question is an unauthenticated SQL Injection vulnerability that … Read more

Hackers Actively Hijacking ConnectWise ScreenConnect server

Hackers Actively Hijacking ConnectWise ScreenConnect server

ConnectWise, a prominent software company, issued an urgent security bulletin on February 19, 2024, revealing two significant vulnerabilities in its self-hosted ScreenConnect servers. These vulnerabilities were initially reported on February 13 through a vulnerability disclosure program and were not actively exploited until February 20. The first vulnerability, identified as CVE-2024-1708, is a path traversal issue … Read more

CISA Details Cloud-Focused Attack Techniques Used by APT29

CISA Details Cloud-Focused Attack Techniques Used by APT29

The United States government and several of its allies are warning organizations about new and evolving tactics being used by APT29, one of the more mature and active threat groups, to target cloud services and gain access to sensitive data. APT29, also known widely as Cozy Bear, is a group associated with the Russian SVR … Read more

Categories duo

Nation-State Threat Actors Hit Change Healthcare

Nation-State Threat Actors Hit Change Healthcare

Health insurance company UnitedHealth Group said it is responding to a cyberattack by a nation-state threat actor impacting the IT systems of its Change Healthcare subsidiary. According to a filing with the SEC last week, UnitedHealth said it found out on Feb. 21 that the actors gained access to some of Change Healthcare’s systems. After … Read more

Categories duo

Beware That Anonymous Sudan Is Promoting A New DDoS Botnet

Beware That Anonymous Sudan Is Promoting A New DDoS Botnet

It has come to light that a group known as Anonymous Sudan is actively promoting a new Distributed Denial of Service (DDoS) botnet service named “Skynet-GodzillaBotnet.” An advertisement circulating online showcases a red dragon logo with the word “SKYNET.” The service is being marketed as a powerful tool for executing DDoS attacks, with the group … Read more

Scattered Spider: Advanced Techniques for Launching High-Profile Attacks

Scattered Spider: Advanced Techniques for Launching High-Profile Attacks

Scattered Spider is a threat group responsible for attacking several organizations since May 2022 by using techniques like social engineering, ransomware, extortion, SIM Swapping and many other tactics. There were also reports that this threat group was affiliated with the BlackCat ransomware since mid-2023. Their most notable attacks that made it to the media include … Read more

8220 Hacker Group Attacking Linux & Windows Users to Mine Crypto

8220 Hacker Group Attacking Linux & Windows Users to Mine Crypto

In a significant escalation of cyber threats, the 8220 Gang, a notorious Chinese-based hacker group, has intensified its attacks on cloud-based infrastructure, targeting both Linux and Windows users to mine cryptocurrency. This latest campaign, from May 2023 through February 2024, marks a concerning advancement in the group’s tactics and poses a heightened risk to cloud security worldwide. Document Live Account Takeover Attack Simulation How do Hackers Bypass 2FA? Live attack simulation Webinar … Read more

jsplaces