Threats in space (or rather, on Earth): internet-exposed GNSS receivers
What is GNSS? Global Navigation Satellite Systems (GNSS) are collections, or constellations, of satellite positioning systems. There are several GNSSs launched by different countries currently in operation: GPS (US), GLONASS (Russia), Galileo (EU), BeiDou Navigation Satellite System (BDS, China), Navigation...
CISA Adds Four Known Exploited Vulnerabilities to Catalog
Updated November 8, 2024: CISA has removed the following vulnerability from its Known Exploited Vulnerabilities Catalog, due to a transcription error: CVE-2021-4043 Motion Spell GPAC Null Pointer Dereference Vulnerability. End of Update. CISA has added four new vulnerabilities to its...
The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses
We've all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally, small and medium-sized businesses (SMBs) are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers CISO...
Risk reduction redefined: How compromise assessment helps strengthen cyberdefenses
Introduction Organizations often rely on a layered defense strategy, yet breaches still occur, slipping past multiple levels of protection unnoticed. This is where compromise assessment enters the game. The primary objective of these services is risk reduction. They help discover active...
Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis
While cyberattacks that employ web shells and VPN compromise are not particularly novel, they are still prevalent. The recent incidents that Trend Micro MXDR analyzed highlight the importance of behavioral analysis and anomaly detection in security measures...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-9537 ScienceLogic SL1 Unspecified Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose...
U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and passwor...
Hacker Charged With Seeking to Kill Using Cyberattacks on Hospitals
The US has accused two brothers of being part of the hacker group Anonymous Sudan, which allegedly went on a wild cyberattack spree that hit hundreds of targets—and, for one of the two men, even put lives at risk...
China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns
China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, went ...
Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against UAE and Gulf Regions
Trend Micro's investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE...
Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East
Trend Micro's investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to sectors in the Middle East...
Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions
Trend Micro's investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-43047 Qualcomm Multiple Chipsets Use-After-Free Vulnerability; CVE-2024-43572 Microsoft Windows Management Console Remote Code...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-45519 Synacor Zimbra Collaboration Command Execution Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber...
Dell Hit by Third Data Leak in a Week Amid “grep” Cyberattacks
Dell faces its third data leak in a week as hacker "grep" continues targeting the tech giant. Sensitive…...
Dark Web Sales Fuel 32% Increase in Global Healthcare Cyberattacks
Healthcare organizations face a 32% surge in cyberattacks, with sensitive patient data being sold on the Dark Web.…...
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and...
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it's not just data at risk — it's the care of patients...
Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks
The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia. "This threat actor used Visual Studio Code's embedded reverse shell feature to ga...