A Chinese cyber threat actor takes advantage of a Cisco zero-day vulnerability.

A cyberespionage group called “Velvet Ant,” believed to be aligned with China, recently exploited a zero-day vulnerability in Cisco Nexus devices. This flaw, identified as CVE-2024-20399, allows an attacker to execute arbitrary commands as root on the affected device. According to Sygnia researchers, this exploit led to the deployment of custom malware that enabled remote …

LilacSquid Threat Actor, Reported by Cisco Talos, Launches Worldwide Attack Using PurpleInk Malware against Multiple Sectors

A recent report by Cisco Talos revealed the activities of a cyber espionage threat actor known as LilacSquid, or UAT-4820. LilacSquid targets organizations in various sectors across the US, Europe, and Asia by exploiting vulnerable web applications or using compromised Remote Desktop Protocol (RDP) credentials to infect systems with custom PurpleInk malware. The threat actor has …

Threat Actor Allegedly in Possession of AWS, Azure, MongoDB, and Github API Keys

A threat actor claimed to have obtained unauthorized access to API keys for major cloud service providers like Amazon Web Services (AWS), Microsoft Azure, MongoDB, and GitHub. This announcement was made on social media platform X by the DarkWebInformer account. The news has sparked concern within the cybersecurity community, leading affected companies and experts to …