Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Daggerfly Cyberattack Campaign Hits African Telecom Services Providers

Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda. The campaign makes use of "previously unseen plugins from

The Hacker News
Open in Source
#web#android#mac#git#intel#The Hacker News
NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders

Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab. "NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets around the world," the interdisciplinary laboratory

Fancy Bear known to be exploiting vulnerability in Cisco routers

Categories: Exploits and vulnerabilities Categories: News Tags: APT28 Tags: Sofacy Tags: Fancy Bear Tags: GRU Tags: Cisco Tags: CVE--2017-6742 Tags: SNMP Tags: Jaguar Tooth A joint advisory about a Cisco vulnerability by several US and UK agencies gives us a peek inside the minds of ideologically motivated cybercriminals (Read more...) The post Fancy Bear known to be exploiting vulnerability in Cisco routers appeared first on Malwarebytes Labs.

Russian Fancy Bear APT Exploited Unpatched Cisco Routers to Hack US, EU Gov't Agencies

The nation-stage threat group deployed custom malware on archaic versions of Cisco's router operating system. Experts warn that such attacks targeting network infrastructure are on the rise.

CVE-2023-30797: Insecure random generation in Netflix Lemur python app | VulnCheck Advisories

Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. The insufficiently random values may allow an attacker to guess the credentials and gain access to resources managed by Lemur.

Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Elite hackers associated with Russia's military intelligence service have been linked to large-volume phishing campaigns aimed at hundreds of users in Ukraine to extract intelligence and influence public discourse related to the war. Google's Threat Analysis Group (TAG), which is monitoring the activities of the actor under the name FROZENLAKE, said the attacks continue the "group's 2022 focus

3 Flaws, 1 War Dominated Cyber-Threat Landscape in 2022

Attackers continued to favor software exploits, phishing, and stolen credentials as initial-access methods last year, as Log4j and the Russia-Ukraine cyber conflict changed the threat landscape.