Recently, a vulnerability in SonicWall SonicOS management access and SSL VPN (CVE-2024-40766) was exploited in unpatched devices, leading to at least 30 intrusions by Fog and Akira ransomware. Research indicates possible infrastructure sharing between the two groups.
Quick-response (QR) codes are convenient and easy to use in everyday life to access information and navigate to websites. Unfortunately, cyber threat actors continue to take advantage of the increased adoption of QR code scanning.
The NJCCIC detected a campaign linked to TA544, also referred to as Bamboo Spider and Zeus Panda, which has reemerged after a period of inactivity since their last campaign. Similar to open-source reporting, this new campaign attempts to distribute the WarmCookie backdoor.
The NJCCIC’s email security solution has observed an uptick in phishing attacks impersonating Truist Bank and Wells Fargo Bank. These emails were flagged for using uncommon URL domains, abused URL services, and uncommon senders. Read more about signs to look for.
In a joint statement released on October 25, the Office of the Director of National Intelligence (ODNI), the FBI, and the CISA assessed that Russian influence operations had manufactured and amplified a video falsely depicting ballots being destroyed in Pennsylvania
Attached is a joint White Paper, Applications of Cyber Threat Intelligence – TLP:CLEAR, authored by the Virginia Fusion Center (VFC) and the Multi-State Information Sharing & Analysis Center (MS-ISAC). This paper provides guidance for SLTT government entities...
Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional workarounds and indicators of compromise (IOCs). A remote, unauthenticated cyber threat actor could exploit this vulnerability.
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Multiple vulnerabilities have been discovered in Siemens InterMesh Subscriber Devices, the most severe of which could allow for remote code execution. InterMesh leverages mesh radio technology and hardened alarm monitoring panels to create a private, self-healing network...
This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals. A vulnerability has been discovered in Fortinet FortiManager.
