All Articles (2533)

Cyber threat researchers recently uncovered a Chinese cyber espionage campaign targeting a newly discovered command injection vulnerability in Cisco’s NX-OS software.  They found the vulnerability and its exploitation as part of an ongoing forensic investigation of the Velvet Ant threat group.   The vulnerability tracked as CVE-2024-20399 concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system

The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents.  BitTorrent, also referred to as simply torrent, is a communication protocol for peer-to-peer file sharing (P2P), which enables users to distribute data and electronic files over the Internet in a decentralized manner.  The protocol is developed and maintained by Rainberry, Inc., and was first released in 2001.

A notable aspect of the current variant of ViperSoftX is that it uses the Common

Destructive cyber-attacks such as ransomware and wiper attacks are forcing a culture change within organizations as teams need to come together to build resilience.  In many organizations, the CIO and CISO and their teams pursue their own, sometimes conflicting, goals and maintain their own cultures and methods.  But to build resilience to attacks, security and IT operations must work much better together.

Historically CISOs primarily had to deal with incidents of data theft, or more accurately

In 2019, the Space Force became the nation’s first new military branch in nearly 80 years.   Now, the US Congress is already thinking about starting another one, a cyber force.  For years, there's been talk of creating a military branch that concentrates on the cyber domain, driven by the increasing threat posed by geopolitical rivals like China and by organizational and staffing problems with the existing US military cyber operations.  Now, members of the House of Representatives and Senate hav

Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).  The vulnerability tracked as CVE-2024-6409 (CVSS score: 7.0) is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling.  It only impacts versions 8.7p1 and 8.8p1 shipped with Red Hat Enterprise Linux 9.  This vulnerability, if exploited, could lead to full

A Russian was charged with conspiring to hack and destroy computer systems and data in Ukraine and allied countries, including the United States, the US Justice Department (DoJ) announced in June 2024, offering a $10 million reward for information.   Amin Timovich Stigal, a 22-year-old Russian national, has been indicted in Maryland, US, for his alleged role in staging destructive cyber-attacks against Ukraine and its allies in the days leading to Russia's full-blown military invasion of Ukraine

Political strife and natural disasters have stripped millions of people of internet access over the last two weeks, with experts raising particular concern over actions taken by Turkey's government.  This article explores the intentional and unintentional sequestering of social media communication.  Last week, the Turkish government shut down access to social media sites in the Kayseri region of the country due to local anti-Syrian immigrant riots. While hundreds of governments have proven the

Do you recognize "Lyle," who told all of us about the phase of his career in the mid-1990s during which he installed enterprise management software at Air Force bases, then stuck around to drill staff in its use?  When Lyle arrived for one such, he was told that the base was participating in wargames during the week, and that judges of this event might be present at various moments.  As a civilian, he was assured none of this would impact his work.  As he settled in, Lyle noticed a member of the

A recent US Supreme Court (SCOTUS) ruling has shifted regulatory enforcement from the federal agencies to the judicial system.  On 28 June 2024, the Supreme Court struck down a legal principle known as the Chevron Doctrine (or Deference).  This doctrine dates to a 1984 Supreme Court ruling (Chevron v Natural Resources Defense Council) that allows federal agencies to use their own expertise to interpret ambiguities in the law.  It became the foundation for the federal system of regulation through

As cybersecurity providers advance and evolve their service capabilities, they may fall into one of two camps relative to managed detection and response (MDR) or extended detection and response (XDR) technologies or blur the lines by offering both.  What are the similarities and differences between MDR and XDR?  And who are the key players in either space?  If you’re an MSSP, MSP or cybersecurity vendor, it’s important to know.

MDR and XDR are both cybersecurity services designed to enhance thre

The National Health Laboratory Service (NHLS) in South Africa has confirmed that its laboratories are operational following a recent cyber-attack, although the automated distribution of test results to clinicians remains disrupted.  In a statement released on Wednesday, the NHLS explained that its systems and infrastructure were compromised by the cyber-attack, affecting the automatic generation and delivery of laboratory reports to clinicians via WebView.  Despite these challenges, urgent test

Transparent Tribe (aka APT 36, Operation C-Major) has been active since at least 2016 with attacks against Indian government and military personnel.  The group relies heavily on social engineering attacks to deliver a variety of Windows and Android spyware, including spear-phishing and watering hole attacks.

In September 2023, SentinelLabs outlined the CapraTube campaign, which used weaponized Android applications (APK) designed to mimic YouTube, often in a suspected dating context due to the na

International Joint Operation Takes Down Over 600 IP Addresses Abusing Cobalt Strike Tool - Hundreds of IP addresses abusing Cobalt Strike have been shut down in a joint effort involving law enforcement across several nations. Codenamed “Morpheus”, the joint operation resulted in flagging 690 IP addresses and domains used to infiltrate victim networks.  So far, 593 of them have been taken offline.

The servers flagged in Operation Morpheus used old, unlicensed versions of Cobalt Strike, a popular

Luxury department store chain the Neiman Marcus Group[1] has become the latest victim in a series of cyberattacks targeting users of the Snowflake data warehousing platform. The breach affected nearly 65,000 shoppers and exposed sensitive personal information.

In a letter to affected customers, Neiman Marcus stated, "We are writing to notify you of an issue that involves certain of your personal information.  In May 2024, we learned that, between April and May 2024, an unauthorized third party g

ChatGPT-maker OpenAI was hit by a cyberattack in 2023.  The threat actors were able to access internal discussions among researchers and other employees.  Corporate espionage?  According to media sources, the company had neither publicly disclosed the attack nor informed the law enforcement authorities back then.  The breach was only made known among employees back in April 2023 during an internal meeting because its source code and customer data were not compromised. Affected data mostly include

AI is fueling a lot of wild ideas for our tech-driven future.  If everything pans out, we will not have to write our own essays, take our notes, or drive our cars.   But with AI’s rapid growth, it is hard not to give at least some of those lofty visions credence, even the most sci-fi ones, even Star Wars-level humanoid robots.  There are a lot of humanoid bots now and a lot more seemingly on the way, Figure’s AI robot, Unitree’s speed demon, Agility’s workhorse, but arguably most important of al

After confirming a production-halting cyberattack last month, forklift manufacturer Crown Equipment said on 1 July that operations have resumed.  Crown said work was proceeding at all 24 of its manufacturing plants.  The company’s manufacturing operations had been suspended since 10 June due to the attack on its business systems.

A company spokesman has declined to comment on the attack and said no further information would be available.  The company has declined to answer questions about how ma

The United Nations' telecommunication agency condemned Russian interference in the satellite systems of several European countries.  Earlier this month, the UN’s International Telecommunication Union (ITU) received a series of complaints from Ukraine, France, Sweden, the Netherlands and Luxembourg about the Kremlin’s alleged satellite interference that has affected GPS signals and television channels.  The ITU reviewed these complaints and published a document Monday calling the practice “extrem

More than 1,000 planned operations and over 3,000 outpatient appointments have been postponed amid ongoing disruption caused by a cyber-attack that impacted London hospitals.  Synnovis, an agency which manages labs for NHS trusts and GPs in south-east London, was the victim of a data hack on 3 June.[1]

New figures from NHS England show that since then, 3,396 appointments and 1,255 elective procedures have been postponed.  In a statement, the chief executives of two affected trusts said they were

July 4th marks the anniversary of when Congress, comprised of delegates from the United States' original 13 colonies, signed the Declaration of Independence on 4 July 1776. The document declared the nation's independence from Great Britain.

Some research indicates that the original signers didn't even write their names on the official document until 2 August 1776.  In fact, it would take six months to acquire all 56 signatures.  Thomas McKean, a delegate from Delaware, was reportedly the last pe