Security Intelligence

North Korean hackers exploiting DMARC policies in spearphishing campaign

North Korea exploiting weak and missing DMARC policies to send spoofed emails to think tanks, researchers, academic...

Security Intelligence

U.S. Government identifies and indicts LockBit mastermind

Operation Cronos Task Force reveals identity of LockBit's main administrator and developer, Russian national Dmitry...

Security Intelligence

Researchers discover links between China and ArcaneDoor campaign

ArcaneDoor campaign targeting perimeter network devices from several vendors linked to Chinese state-sponsored cyber...

Security Intelligence

Iran-linked APT42 targets West and Middle East with custom backdoors

APT42 observed using realistic, but ultimately fictitious, online personas and typo-squatted domains to backdoor...

Security Intelligence

Police hint new information on LockBit coming soon

Operation Cronos team revives seized LockBit site hinting further information will be released on Tuesday, May 7.

Security Intelligence

U.S government warns pro-Russian hacktivists targeting critical infrastructure

U.S. and allied nations sound the alarm on pro-Russian hacktivists targeting operational technology systems to disrupt...

Security Intelligence

Cisco shuts ‘ArcaneDoor’ on exploitation of firewall zero days

Cisco warns a likely state-sponsored threat actor UAT4356 has been exploiting two zero-day vulnerabilities in firewalls...

Security Intelligence

CrushFTP quickly patches zero-day vulnerability

CrushFTP is warning users update as soon as possible amid the discovery of a zero-day vulnerability being actively...

Security Intelligence

Cisco patches high-severity flaw affecting various commercial routers

Cisco has released an update to address a high-severity flaw found in several commercial-grade routers and switches.

Security Intelligence

Ivanti addresses critical security flaws in Avalanche MDM

Ivanti is warning users of its Avalanche mobile device management (MDM) solution to patch 27 vulnerabilities, two of...

Security Intelligence

Brute-force campaign targeting VPN services

Beware an ongoing brute-force campaign targeting VPN and SSH services on CheckPoint, Fortinet, SonicWall, Ubiquiti, and...

Security Intelligence

Palo Alto begins releasing updates for maximum-severity zero day

Palo Alto Networks has begun releasing updates to address a maximum-severity flaw affecting the PAN-OS software.