Pro-Russia hacktivists are targeting and compromising small-scale OT systems in North American and European Water and Wastewater Systems (WWS), Dams, Energy, and Food and Agriculture Sectors, seeking to exploit VNC remote access software and default passwords.
The Cybersecurity and Infrastructure Security Agency (CISA) published a blog post on agency efforts to reduce ransomware threat and encourage participation in cyber hygiene vulnerability scanning. Click to learn more about ransomware-related vulnerabilities.
Credentials provide a way to authenticate users and control access to online accounts, email systems, network resources, and more. Threat actors attempt to harvest or steal these credentials primarily through phishing and other methods. Read for more info.
Researchers discovered a new Redline campaign targeting gamers with promises of free copies of a game cheat software called Cheat Lab. Redline is an information-stealing malware capable of acting as a backdoor, carrying out tasks and exfiltrating data.
An undisclosed third-party provider that handles telephony for Cisco's Duo multi-factor authentication (MFA) service recently suffered a social engineering cyberattack. As a result, Cisco Duo customers have been warned to be on alert for follow-on phishing schemes.
On April 10, Volexity discovered a zero-day vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS, which was being used by one of its network security monitoring customers. The Palo Alto Networks’ incident response team confirmed the vulnerability.
The NJCCIC observed a DarkGate malware campaign being deployed via malicious software installers embedded in phishing email attachments. Threat actors were also observed exploiting the Windows Defender SmartScreen vulnerability (CVE-2024-21412).
The Federal Bureau of Investigation (FBI) released a public service announcement warning of an uptick in unpaid road toll SMiShing scams. Threat actors impersonate the target state’s toll service name and change the sender’s phone number and link in the message depending on the state.
The Cybersecurity and Infrastructure Security Agency released Joint Cybersecurity Information that provides best practices to secure the deployment environment, validate and protect the artificial intelligence (AI) system, and secure AI operation and maintenance.
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
