Chinese malware campaign targets Cisco Nexus switches

Sygnia has discovered that Chinese threat actors, specifically Velvet Ant, have been exploiting a zero-day vulnerability in certain Cisco switches to install malware. These threat actors gained access to Cisco Nexus switches by harvesting administrator-level credentials, allowing them to remotely connect to compromised devices and execute malicious code. The vulnerability, known as CVE-2024-20399, has since … Read more

Chinese-linked advanced persistent threat group utilized a vulnerability in Cisco NX-OS to distribute customized malware

A China-linked group, Velvet Ant, exploited a zero-day vulnerability in Cisco NX-OS software, leading to the deployment of custom malware on vulnerable switches. The flaw, identified as CVE-2024-20399 with a CVSS score of 6.0, allowed attackers to execute arbitrary commands as root within the operating system of affected devices. Only attackers with administrator credentials could … Read more

Chinese hackers are using vulnerability in Cisco switches to distribute malware

A cyber espionage group known as Velvet Ant, believed to have ties to China, has been observed exploiting a zero-day vulnerability in Cisco NX-OS software used in switches to distribute malware. The vulnerability, tracked as CVE-2024-20399, allows an authenticated, local attacker to execute arbitrary commands as root on the affected device. By exploiting this flaw, … Read more

Cisco Issues Warning About Exploited NX-OS Zero-Day Vulnerability Used for Deploying Malware

Cisco recently patched a zero-day exploit in its NX-OS software that was used in cyber attacks back in April. The cybersecurity firm Sygnia identified the attacks as being carried out by a Chinese state-sponsored group known as Velvet Ant. The attackers were able to gain root access to vulnerable switches and install custom malware, allowing … Read more

Google ads used to serve Mac users with info-stealer malware

A recent discovery by security firm Malwarebytes has revealed that fake ads circulating through Google Ads are promoting Mac malware designed to steal sensitive data from unsuspecting Internet users. The malicious ads are promoting a fake version of Arc, a browser that promises a clutter-free and personal browsing experience. The ads redirect users to a … Read more

Cisco Talos provides comprehensive analysis of SugarGh0st malware targets, while SneakyChef hackers expand their reach.

Cisco Talos researchers have uncovered an ongoing campaign by a threat actor known as SneakyChef, using the SugarGh0st malware since August 2023. The campaign has expanded its targets from South Korea and Uzbekistan to include countries in EMEA and Asia, using lures resembling scanned documents from government agencies. The team discovered a new infection chain … Read more

Millions warned about scary new Google Chrome malware attack triggered by error message – do not click

A recent study has revealed a dangerous campaign targeting Google Chrome users that could lead to malware infecting their PCs. Cybersecurity experts at Proofpoint have identified deceptive pop-ups masquerading as legitimate software updates within the Chrome browser, prompting users to download malicious code. This code can then execute a Trojan horse-like attack, compromising personal data … Read more

Sophisticated Malware Campaign Targets Microsoft And Google Chrome Users

Cyber experts are issuing a warning about a new malware campaign that impersonates Microsoft and Google Chrome in an attempt to steal money from unsuspecting users. The malicious campaign, discovered by Proofpoint Online Security Company, involves fake browser updates and phishing emails that trick victims into downloading harmful files which then give cybercriminals access to … Read more

Sophisticated Malware Campaign Targets Microsoft and Google Chrome Users

A recent cybersecurity alert has revealed a sophisticated new malware campaign that targets Microsoft device users by impersonating Microsoft Word and Google Chrome. The Proofpoint Online Security Company has been monitoring this malicious campaign since March, warning that cybercriminals are using creative attack chains to trick unsuspecting users into downloading harmful files. The malware, known … Read more

Warning: Malware posing as Microsoft and Google Chrome apps can deceive you

Cyber security specialists have issued a warning about a new and sophisticated spyware that poses as Microsoft and Google Chrome applications in an attempt to defraud Microsoft device owners. The company ‘Proofpoint’ has been monitoring this dangerous threat since March and has observed scammers using advanced tactics to carry out their crimes, as reported by … Read more