The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring federal agencies to urgently hunt for and eradicate a persistent “Firestarter” backdoor affecting Cisco Firepower and Secure Firewall devices in an active cyberespionage campaign.
Category: Emerging Threats
CISA Adds 3 Cisco SD-WAN Manager Flaws to Actively Exploited List
Image source: jackpress, Shutterstock Agency puts another 5 vulnerabilities in products from PaperCut, JetBrains, Kentico, Quest and Zimbra on its Known Exploited Vulnerabilities list. The US Cybersecurity and Infrastructure Security Agency (CISA)…
Exploits Turn Microsoft Defender Against Itself
Image source: PJ McDonnell, Shutterstock Attackers are using Blue Hammer, RedSun and UnDefend exploits in targeted, hands-on intrusions. Threat actors are actively exploiting three publicly available proof-of-concept attacks to compromise Microsoft Defender,…
2 Zero-Days and 18 Other High Risk Vulns in Microsoft’s April Update
Image source: The KonG, Shutterstock In total, the company released fixes for 165 CVEs this Patch Tuesday Microsoft released fixes for 165 CVEs this month. That is the second highest set of…
Criminals Weaponize Microsoft’s Device Code Authentication in Widescale Phishing Operation
Image source: Honeybe, Shutterstock Researchers at Microsoft have documented a clever Phishing-as-a-Service operation that abuses the OAuth 2.0 device code authorization flow to harvest valid session tokens. Hundreds of organizations have fallen…
Iran-Linked Actors Disrupt Rockwell/Allen Bradley PLCs
Image source: HakanGider, Shutterstock CISA, FBI, other agencies say organizations across multiple critical sectors have experienced operational disruptions and financial losses from the attacks. Iran-affiliated advanced persistent threat groups have successfully compromised…
Are Your Systems Patched Against Storm-1175 Attacks?
Image source: Antony McAulay, Shutterstock The threat actor is exploiting more than 17 flaws in high-velocity campaigns to distribute Medusa ransomware, according to Microsoft. A financially motivated threat actor whom Microsoft is…
Calendar Invite Hijacks Gemini AI
Image source: mundissima via Shutterstock Tel Aviv University-led team shows how attackers can weaponize Google Calendar to manipulate connected home systems through AI exploits. New research has shown how attackers can weaponize…
NSA, CISA, Others Warn About Fast Flux Threat: Here’s Why
Image source: Shutterstock Enterprise organizations, ISPs and security services providers are not adequately prepared to protect against attacks that leverage the technique, authoring agencies say. The NSA, CISA, and international partners have…
FBI: Russia’s APT29 May Exploit These 24 vulnerabilities-Be Aware
Image source: Shutterstock Recent flaws that the state-affiliated actor has exploited widely include CVE-2023-42793 in JetBrains TeamCity and CVE-2022-27924 in Zimbra. The FBI in collaboration with the National Security Agency, Cyber National…