Helldown Ransomware Group Tied to Zyxel’s Firewall Exploits
Fraud Management & Cybercrime , Network Firewalls, Network Access… Source link
exploits
Helldown ransomware exploits Zyxel VPN flaw to breach networks
The new ‘Helldown’ ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. French cybersecurity firm Sekoia is reporting this with… Source link
Lazarus Group Exploits Google Chrome Flaw in New Campaign
A recently discovered cyber-attack by the notorious Lazarus Group, including its BlueNoroff subgroup, has exposed a new vulnerability in Google Chrome. The group used a zero-day exploit to take complete control of infected systems, marking the… Article Source https://www.infosecurity-magazine.com/news/lazarus-group-exploits-google/
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it discovered a novel… Article Source https://thehackernews.com/2024/10/lazarus-group-exploits-google-chrome.html
CISO Series: Senator Demands Action from CISA, Cisco Vulnerable to Velvet Ant Exploits, Europol Takes Down Cobalt Threat
In recent cybersecurity news, a senator has been putting pressure on the Cybersecurity and Infrastructure Security Agency (CISA) to step up their efforts in protecting critical infrastructure. The senator’s actions come as a response to growing concerns over cyber threats to essential services and systems. Meanwhile, a new cyber threat has emerged in the form … Read more
Chinese Velvet Ant Group Exploits Zero-Day Bug Patched by Cisco
A recent report has shown that Chinese state-backed hackers took advantage of a zero-day vulnerability in Cisco Nexus switches that had just been patched. Cisco released a fix for CVE-2024-20399, a flaw in the Cisco NX-OS software’s command-line interface that could allow a local attacker to run arbitrary commands as root with administrator privileges. The … Read more
Worries escalate as nation states and criminal groups launch exploits targeting CitrixBleed
Criminal threat groups and nation-state actors have been exploiting a critical vulnerability in Citrix Netscaler ADC and Netscaler Gateway, as warned by the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. The vulnerability, known as CitrixBleed, has been used by LockBit 3.0 affiliates to gain access to Boeing’s parts and distribution unit for a … Read more
North Korea Exploits Google to Gain Access to Passwords
North Korean hackers recently utilized a Google Chrome extension to carry out a cyber espionage operation targeting South Korean individuals. The hack involved the installation of a fake translation program called “TRANSLATEXT” on victims’ devices, allowing the hackers access to personal data such as passwords and emails. The extension, disguised as a legitimate Google translation … Read more
Citrix NetScaler Devices Vulnerable to Zero-Day Exploits
Citrix has issued a warning to its customers using NetScaler ADC and NetScaler Gateway appliances regarding two zero-day vulnerabilities that are actively being exploited in the wild. These vulnerabilities, known as CVE-2023-6548 and CVE-2023-6549, can allow attackers to carry out remote code execution and denial of service attacks on affected devices. The NetScaler ADC and … Read more
SecurityWeek Reports VMware Patching Vulnerabilities from Pwn2Own 2024 Exploits
VMware recently addressed vulnerabilities that were exploited during the Pwn2Own hacking competition in 2024. The company has released patches to address these security flaws, ensuring that its customers’ systems are protected from potential cyber threats. The vulnerabilities were discovered and utilized by ethical hackers during the competition, highlighting the importance of addressing such issues promptly. … Read more