Chinese-linked advanced persistent threat group utilized a vulnerability in Cisco NX-OS to distribute customized malware

A China-linked group, Velvet Ant, exploited a zero-day vulnerability in Cisco NX-OS software, leading to the deployment of custom malware on vulnerable switches. The flaw, identified as CVE-2024-20399 with a CVSS score of 6.0, allowed attackers to execute arbitrary commands as root within the operating system of affected devices. Only attackers with administrator credentials could …

Chinese hackers are using vulnerability in Cisco switches to distribute malware

A cyber espionage group known as Velvet Ant, believed to have ties to China, has been observed exploiting a zero-day vulnerability in Cisco NX-OS software used in switches to distribute malware. The vulnerability, tracked as CVE-2024-20399, allows an authenticated, local attacker to execute arbitrary commands as root on the affected device. By exploiting this flaw, …

Active Attack Targeting Cisco NX-OS Zero-Day Command Injection Vulnerability

A critical vulnerability has been identified in the command line interface (CLI) of Cisco NX operating system, allowing attackers to execute arbitrary commands as root on affected devices. This zero-day flaw, known as CVE-2024-20399, poses a significant threat to network security, especially for organizations using Cisco Nexus and MDS series switches. The vulnerability stems from …

Chinese hackers exploit Cisco NX-OS vulnerability

Cybersecurity researchers have identified a Chinese cyberespionage campaign targeting a vulnerability in Cisco’s NX-OS software. The threat group Velvet Ant was found deploying malware on Cisco Nexus switches. Sygnia, a cybersecurity firm, discovered the vulnerability and alerted Cisco, who then released updates to address it. The exploit allows attackers to execute arbitrary commands on the …

Chinese hackers known as the ‘Silk Ants’ captured exploiting a new zero-day vulnerability in Cisco devices

A recent zero-day vulnerability was exploited by Chinese state-sponsored hackers in April on Cisco devices, as revealed by Cisco and Sygnia Advisories. The vulnerability, known as CVE-2024-20399, affects Cisco NX-OS software used in Nexus series switches for networking. The hackers, known as the Velvet Ant group, were able to gain access to Cisco Nexus switches …

Cisco Issues Warning About Exploited NX-OS Zero-Day Vulnerability Used for Deploying Malware

Cisco recently patched a zero-day exploit in its NX-OS software that was used in cyber attacks back in April. The cybersecurity firm Sygnia identified the attacks as being carried out by a Chinese state-sponsored group known as Velvet Ant. The attackers were able to gain root access to vulnerable switches and install custom malware, allowing …

Hackers focusing on US critical infrastructure exploit Citrix zero-day vulnerability

Cybersecurity experts have recently discovered that hackers are utilizing a zero-day vulnerability in Citrix software to target critical infrastructure in the United States. This alarming development has raised serious concerns about the security of essential systems and services that the country relies on daily. According to reports, the hackers are exploiting a vulnerability in Citrix …

Race to Patch CitrixBleed Vulnerability and Conduct Malicious Activity Analysis

The Cybersecurity and Infrastructure Security Agency is urging organizations to address an active vulnerability in Citrix NetScaler ADC and NetScaler Gateway, known as CitrixBleed, which could lead to session hijacking. Despite a patch being released on Oct. 10, exploitation of the vulnerability has been increasing, with Rapid7 researchers observing ongoing attacks in sectors such as …

Understanding the VMware vCenter RCE Vulnerability: Important Information

VMware, owned by Broadcom, has recently addressed critical vulnerabilities in its vCenter Server application that could allow malicious actors to execute remote code or elevate privileges on affected systems. These vulnerabilities, if left unpatched, pose a significant risk to organizations using VMware vSphere. The security advisory issued by VMware identifies three critical vulnerabilities, including a …

VMware addresses critical vCenter Remote Code Execution vulnerability with new patch available.

VMware’s vCenter Server, a vital platform for managing virtual machines and ESXi hosts, has been found vulnerable to critical security flaws. Three vulnerabilities, CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081, have been identified, posing risks of remote code execution and local privilege escalation. CVE-2024-37079 and CVE-2024-37080 are heap overflow vulnerabilities in the vCenter Server’s DCERPC protocol implementation, allowing …