Blogs - Security
CISA Blog
- JCDC Builds Foundation for Pipelines Cyber Defense Planning Effort 2024-03-26 CISA
- Nothing Scares the PRC More Than a Russian Defeat in Ukraine 2024-03-21 CISA
- SAFECOM and NCSWIC Develop 911 Cybersecurity Resource Hub 2024-03-13 CISA
- In Effort to Bolster Government Cybersecurity, Biden Administration Takes Step to Ensure Secure Development Practices 2024-03-11 CISA
- Celebrating Women's History Month 2024-03-08 CISA
- Keynote by CISA Director Jen Easterly 2024-03-06 CISA Director Jen Easterly delivers keynote during CISA's March 5-6 Open Source Security Software Summit. CISA
- Super Tuesday: A Snapshot into CISA’s Mission to Secure the Electoral Process 2024-03-06 CISA
- CISA Updates Toolkit to Promote Public Safety Communications and Cyber Resiliency 2024-03-04 CISA
- CISA Publishes Guide to Support University Cybersecurity Clinics 2024-02-28 CISA
- Reflecting on the Parkland tragedy, its lasting impacts, and work still to be done 2024-02-14 CISA
CISA News
- CISA Marks Important Milestone in Addressing Cyber Incidents; Seeks Input on CIRCIA Notice of Proposed Rulemaking 2024-03-27 CISA
- CISA, DC HSEMA and Regional Partners Conduct Exercise to Ensure National Capital Region Water Service Resilience 2024-03-22 CISA
- CISA Publishes Repository for Software Attestation and Artifacts 2024-03-18 CISA
- CISA Announces New Efforts to Help Secure Open Source Ecosystem 2024-03-07 CISA
- CISA and Partners Coordinate on Security and Resilience for Super Tuesday 2024-03-04 CISA
- CISA, U.S. and International Partners Warn of Ongoing Exploitation of Multiple Ivanti Vulnerabilities 2024-02-29 CISA
- CISA, OMB, ONCD and Microsoft Efforts Bring New Logging Capabilities to Federal Agencies 2024-02-21 CISA
- CISA, FBI, EAC and USPIS Release Election Mail Handling Procedures to Protect Against Hazardous Materials 2024-02-14 CISA
- CISA and EPA Collaborate on Water and Wastewater Sector Cyber Resources 2024-02-07 CISA
- CISA Launches #Protect2024 Resources Webpage for State and Local Election Officials 2024-02-07 CISA
ICS Advisories
- Rockwell Automation PowerFlex 527 2024-03-26 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: PowerFlex 527 Vulnerabilities: Improper Input Validation, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash the device and require a manual restart to recover. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports […] CISA
- Rockwell Automation FactoryTalk View ME 2024-03-26 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View ME Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could lead to the loss of view or control of the PanelView product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of FactoryTalk […] CISA
- Automation-Direct C-MORE EA9 HMI 2024-03-26 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: C-MORE EA9 HMI Vulnerabilities: Path Traversal, Stack-Based Buffer Overflow, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to exploit a remote device and inject malicious code on the panel. 3. […] CISA
- Rockwell Automation Arena Simulation 2024-03-26 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: low attack complexity Vendor: Rockwell Automation Equipment: Arena Simulation Software Vulnerabilities: Out-of-bounds Write, Heap-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer, Use After Free, Access of Uninitialized Pointer, Out-of-bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could crash […] CISA
- Advantech WebAccess/SCADA 2024-03-21 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to read or modify a remote database. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Advantech WebAccess/SCADA, […] CISA
- Franklin Fueling System EVO 550/5000 2024-03-19 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Franklin Fueling System Equipment: EVO 550, EVO 5000 Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read arbitrary files on the system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Franklin […] CISA
- Siemens Siveillance Control 2024-03-14 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Low Attack Complexity […] CISA
- Siemens SIMATIC 2024-03-14 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack […] CISA
- Siemens SINEMA Remote Connect Client 2024-03-14 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v4 6.1 ATTENTION: Exploitable remotely/low attack […] CISA
- Siemens SENTRON 7KM PAC3x20 2024-03-14 As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION: Low attack complexity […] CISA
ICS Medical Advisories
- Santesoft Sante FFT Imaging 2024-03-05 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local attacker to execute arbitrary code once a user opens a malicious DCM file on affected FFT Imaging installations. 3. TECHNICAL DETAILS 3.1 […] CISA
- MicroDicom DICOM Viewer 2024-02-29 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: MicroDicom Equipment: DICOM Viewer Vulnerabilities: Heap-based Buffer Overflow, Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause memory corruption issues leading to execution of arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions […] CISA
- Santesoft Sante DICOM Viewer Pro 2024-02-27 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of the product. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following […] CISA
- Orthanc Osimis DICOM Web Viewer 2024-01-23 1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Orthanc Equipment: Osimis Web Viewer Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code inside the victim's browser. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Osimis Web […] CISA
- BD FACSChorus 2023-11-28 1. EXECUTIVE SUMMARY CVSS v3 5.4 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: FACSChorus Vulnerabilities: Missing Protection Mechanism for Alternate Hardware Interface, Missing Authentication for Critical Function, Improper Authentication, Use of Hard-coded Credentials, Insecure Inherited Permissions 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker with […] CISA
- Santesoft Sante FFT Imaging 2023-10-11 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante FFT Imaging Vulnerability: Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Santesoft products are affected: Sante FFT Imaging: […] CISA
- Santesoft Sante DICOM Viewer Pro 2023-10-11 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Santesoft Equipment: Sante DICOM Viewer Pro Vulnerabilities: Out-of-bounds Write, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose information and execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Santesoft products are […] CISA
- Softneta MedDream PACS 2023-09-05 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Softneta Equipment: MedDream PACS Vulnerabilities: Exposed Dangerous Method or Function, Plaintext Storage of a Password 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to obtain and leak plaintext credentials or remotely execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED […] CISA
- BD Alaris System with Guardrails Suite MX (Update A) 2023-07-13 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company (BD) Equipment: Alaris PCU, Guardrails Editor, Systems Manager, Calculation Services, CQI Reporter Vulnerabilities: Insufficient Verification of Data Authenticity, Missing Authentication for Critical Function, Improper Verification of Cryptographic Signature, Missing Support for Integrity Check, Cross-site Scripting, Cleartext Transmission of […] CISA
- Medtronic Paceart Optima System 2023-06-29 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Medtronic Equipment: Paceart Optima System Vulnerability: Deserialization of Untrusted Data 2. RISK EVALUATION Successful exploitation of this vulnerability could result in remote code execution or a denial-of-service condition impacting a healthcare delivery organization’s Paceart Optima system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The […] CISA
Packet Storm
- Sam Bankman-Fried Sentenced To 25 Years In Prison 2024-03-28
- Ubuntu Security Notice USN-6715-1 2024-03-28 Ubuntu Security Notice 6715-1 - It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash.
- Ubuntu Security Notice USN-6719-1 2024-03-28 Ubuntu Security Notice 6719-1 - Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information.
- Wireshark Analyzer 4.2.4 2024-03-28 Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
- Event Management 1.0 SQL Injection 2024-03-28 Event Management version 1.0 suffers from a remote SQL injection vulnerability.
- util-linux wall Escape Sequence Injection 2024-03-28 The util-linux wall command does not filter escape sequences from command line arguments. The vulnerable code was introduced in commit cdd3cc7fa4 (2013). Every version since has been vulnerable. This allows unprivileged users to put arbitrary text on other users' terminals, if mesg is set to y and wall is setgid. CentOS is not vulnerable since […]
- IWCC 2024 Call For Papers 2024-03-28 The 13th International Workshop on Cyber Crime, or IWCC, 2024 call for papers has been announced. It will take place July 30th through August 2nd, 2024 in Vienna, Austria.
- Circontrol Raption Buffer Overflow / Command Injection 2024-03-28 The server in Circontrol Raption versions through 5.11.2 has a pre-authentication stack-based buffer overflow that can be exploited to gain run-time control of the device as root. The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2) is vulnerable to OS command injection.
- FusionPBX Session Fixation 2024-03-28 FusionPBX suffers from a session fixation vulnerability.
- Apple Security Advisory 03-25-2024-1 2024-03-28 Apple Security Advisory 03-25-2024-1 - Safari 17.4.1 addresses code execution and out of bounds write vulnerabilities.
- Red Hat Security Advisory 2024-1557-03 2024-03-28 Red Hat Security Advisory 2024-1557-03 - An update is now available for Red Hat OpenShift Builds 1.0. Issues addressed include denial of service and traversal vulnerabilities.
- Red Hat Security Advisory 2024-1555-03 2024-03-28 Red Hat Security Advisory 2024-1555-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
- Red Hat Security Advisory 2024-1554-03 2024-03-28 Red Hat Security Advisory 2024-1554-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
- Dell Security Management Server Privilege Escalation 2024-03-28 Dell Security Management Server versions prior to 11.9.0 suffer from a local privilege escalation vulnerability.
- Red Hat Security Advisory 2024-1553-03 2024-03-28 Red Hat Security Advisory 2024-1553-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
- Red Hat Security Advisory 2024-1552-03 2024-03-28 Red Hat Security Advisory 2024-1552-03 - An update for .NET 6.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
- Red Hat Security Advisory 2024-1549-03 2024-03-28 Red Hat Security Advisory 2024-1549-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Issues addressed include a traversal vulnerability.
- Red Hat Security Advisory 2024-1545-03 2024-03-28 Red Hat Security Advisory 2024-1545-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.
- Red Hat Security Advisory 2024-1544-03 2024-03-28 Red Hat Security Advisory 2024-1544-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
- Red Hat Security Advisory 2024-1543-03 2024-03-28 Red Hat Security Advisory 2024-1543-03 - An update for dnsmasq is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
The Hacker News
- Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries 2024-03-28 A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts. In October 2023, Slovak cybersecurity firm ESET
- Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack 2024-03-28 The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the ongoing criminal probe as both demanding and time-consuming, […]
- New ZenHammer Attack Bypasses RowHammer Defenses on AMD CPUs 2024-03-28 Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, […]
- New Webinar: Avoiding Application Security Blind Spots with OPSWAT and F5 2024-03-28 Considering the ever-changing state of cybersecurity, it's never too late to ask yourself, "am I doing what's necessary to keep my organization's web applications secure?" The continuous evolution of technology introduces new and increasingly sophisticated threats daily, posing challenges to organizations all over the world and across the broader spectrum of industries striving to maintain
- Behind the Scenes: The Art of Safeguarding Non-Human Identities 2024-03-28 In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines are not just trends but the new norm. Amidst this backdrop, a critical […]
- Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection 2024-03-28 A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. "Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, which is […]
- Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs 2024-03-28 In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza. "Whereas people say they care about privacy, they are willing to relinquish private data quite easily […]
- Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite 2024-03-27 Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2). "The information stealer was delivered via a phishing email, masquerading as an invitation […]
- CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability 2024-03-27 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site
- Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions 2024-03-27 A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's […]
- SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals 2024-03-27 As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (
- Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining 2024-03-27 Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi
- Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice 2024-03-27 A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment. The […]
- Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries 2024-03-27 Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as
- Sketchy NuGet Package Likely Linked to Industrial Espionage Targets Developers 2024-03-26 Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded
- U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation 2024-03-26 The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong […]
- Crafting Shields: Defending Minecraft Servers Against DDoS Attacks 2024-03-26 Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game’s reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains
- U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions 2024-03-26 The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (
- CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products 2024-03-26 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows - CVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 (CVSS score: 9.8) - Ivanti
- Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others 2024-03-25 Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. "The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom