Security Intelligence

Operation Cronos continues game of whack-a-mole with LockBit

The Operation Cronos Task Force arrests four suspects linked to the prolific ransomware gang LockBit.

Security Intelligence

NK-based APT compromises German missile manufacturer via phishing scam

North Korean state-sponsored cyber actors Kimsuky blamed for compromise of German missile and ammunition manufacturer...

Security Intelligence

Critical NVIDIA vulnerability could allow full host takeover

NVIDIA addresses a critical vulnerability in Container Toolkit, a library used for accessing NVIDIA GPU hardware on 35%...

Security Intelligence

Kia avoids potential hack of millions of vehicles

Kia updates its dealer web portal to address vulnerability that could allow silent unauthorized access to millions of...

Security Intelligence

CISA warns threat actors targeting water, other industrial systems

CISA warns threat actors actively attempting to breach systems associated with water and other critical infrastructure...

Security Intelligence

Critical vulnerability in Ivanti vTM now exploited

CISA adds critical vulnerability in Ivanti’s vTM to its Known Exploited Vulnerabilities catalog.

Security Intelligence

U.S. proposes ban on Chinese/Russian connected vehicles

White House proposes a ban on the import and sale of connected vehicles built by companies with a Chinese or Russian...

Security Intelligence

Another critical vulnerability in Ivanti CSA exploited

Ivanti is reporting that a new vulnerability in its Cloud Service Appliance (CSA) is being actively exploited in the...

Security Intelligence

GitLab patches max-severity authentication bypass vulnerability

GitLab has released an update to address a maximum-severity SAML vulnerability in self-managed deployments.

Security Intelligence

FBI derails Chinese ‘Raptor Train’

FBI dismantles massive China-linked botnet, dubbed ‘Raptor Train’, consisting of 260,000+ compromised small office/home...

Security Intelligence

Lazarus targets aerospace and energy job seekers

Lazarus once again leveraging job-themed attack vector to target job seekers in the energy and aerospace industry.

Security Intelligence

SolarWinds patches two Access Rights Manager vulnerabilities

SolarWinds releases updates to address two vulnerabilities in its Access Rights Manager (ARM) software.