October 27, 2024

Ransomware groups Fog and Akira are reportedly exploiting SonicWall VPNs to infiltrate corporate networks.

October 26, 2024

Cisco has rolled out new security features to its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) to combat brute-force and password spray attacks.

October 24, 2024

A recently disclosed vulnerability in Fortinet's FortiManager, known as 'FortiJump' and identified as CVE-2024-47575, has been exploited in zero-day attacks since June 2024, impacting over 50 servers.

October 24, 2024

The 'Prometei' botnet, a Russian-language malware, is still active and spreading a cryptojacker and Web shell on machines across several continents.

October 24, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a missing authentication vulnerability in Fortinet FortiManager, identified as CVE-2024-47575.

October 23, 2024

The Lazarus Group, a cybercrime unit linked to North Korea, is reportedly using a sophisticated scheme to defraud cryptocurrency investors worldwide.

October 23, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw in Microsoft SharePoint to its Known Exploited Vulnerabilities (KEV) catalog, following evidence of active exploitation.

October 22, 2024

A vulnerability has been identified in Open Policy Agent (OPA) for Windows that could result in the leakage of authentication hashes.

October 22, 2024

Proof-of-concept exploit code has been made public for a vulnerability in Microsoft's Remote Registry client that could potentially allow an attacker to seize control of a Windows domain by downgrading the security of the authentication process.

October 22, 2024

Google's Threat Analysis Group (TAG) has alerted the public to a zero-day vulnerability in Samsung mobile processors, tracked as CVE-2024-44068.