New Technique Discovered To Bypass Web Application Firewalls
Experts from Industrial and IoT cybersecurity company Claroty developed a generic method for bypassing the web application firewalls (WAF) of a variety of leading manufacturers.
Following a...
Cisco Warns of High-Severity Unpatched Flaw Affecting IP Phones Firmware
Dec 10, 2022Ravie LakshmananEnterprise Security / IP Phones
Cisco has released a new security advisory warning of a high-severity flaw affecting IP Phone 7800...
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
A "highly operational, destructive, and sophisticated nation-state activity group" with ties to North Korea has been weaponizing open source software in their social engineering...
Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks...
BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal
The BlackCat ransomware crew has been spotted fine-tuning their malware arsenal to fly under the radar and expand their reach.
"Among some of the more...
Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks
Several hacktivist groups are using Telegram and other tools to aid anti-government protests in Iran to bypass regime censorship restrictions amid ongoing unrest in...
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
A new covert attack campaign singled out multiple military and weapons contractor companies with spear-phishing emails to trigger a multi-stage infection process designed to...
New Go-based Malware Attack Windows & Linux Systems
The cybersecurity researchers at Lumen’s Black Lotus Labs asserted that in order to mine crypto-currencies and launch DDoS attacks, hackers are deploying an existing...
RCE Bug in ZOHO Products Let Hackers Execute Arbitrary Code Remotely
CISA’s bug catalog has been updated with a new vulnerability related to Java deserialization, which has been exploited in the wild by malicious threat...
Chinese Espionage Hackers Target Tibetans Using New LOWZERO Backdoor
A China-aligned advanced persistent threat actor known as TA413 weaponized recently disclosed flaws in Sophos Firewall and Microsoft Office to deploy a never-before-seen backdoor...