Critical Vulnerabilities in Ivanti Exploited in-the-Wild: everything you need to know

Detect and mitigate CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893, critical vulnerabilities in Ivanti VPN products. Organizations should patch urgently, and government agencies are instructed to isolate Ivanti VPN instances...

Safer Internet Day, or why Brad Pitt needed an internet bodyguard

February 6, 2024 is Safer Internet Day. When I was asked to write about the topic, I misunderstood the question and heard: “can you cover save the internet” and we all agreed that it might be too late for that. While we laughed about it, it made me think. The internet has been around for quite so...

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from...

FBI removes malware from hundreds of routers across the US

The FBI has used a court order to remove malware from hundreds of routers across the US, and alter the routers’ settings to prevent reinfection. The routers are malware-infected NetGear and Cisco small office/home office SOHO devices that no longer receive updates because they have reached their...

Mother of all Breaches may contain NEW breach data

On January 23, 2024, we reported on the discovery of billions of exposed records online, now commonly referred to as the “mother of all breaches” MOAB. Since then, the source of the dataset has been identified as data breach search engine Leak-Lookup. Prevention platform SpyCloud compared the MOA...

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted...

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November...

web2.gov.mb.ca Cross Site Scripting vulnerability OBB-3842159

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

files.hawaii.gov Cross Site Scripting vulnerability OBB-3839857

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Modernize Federal Cybersecurity Strategy with FedRAMP

Detection and response will be critical for the U.S. Government to modernize security operations and stay ahead of cyber-attacks...

CVE-2023-46750

creationtimestamp| type| source ---|---|--- 2024-01-10 17:07:59+00:00| seen| https://t.me/ctinow/165954 2026-04-21 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1833...

Nim Backdoor Masquerades as Nepal Government Security

Summary: Attackers employed malicious Microsoft Word documents disguised as official communications from the Nepali government. These documents aimed to trick victims into downloading and executing a backdoor program written in the Nim programming language. As Nim is an uncommon language, it pose...

Unveiling Novel Malware Waves by APT28

Summary: A recent phishing campaign attributed to the Russia-linked APT28 group has been identified targeting Ukrainian government entities and Polish organizations with email messages urging recipients to click on a link to view a document. The goal is to deploy previously undocumented malware,...

massclearinghouse.ehs.state.ma.us Cross Site Scripting vulnerability OBB-3828194

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Tech Docs Template Cross-Site Scripting Vulnerability

Tech Docs Template is an open source Gem distribution technical documentation project from Government Digital Service. A security vulnerability exists in Tech Docs Template versions prior to 2.0.2 through 3.3.1, which stems from a cross-site scripting XSS vulnerability. An attacker can exploit th...

DOJ Slams XCast with $10 Million Fine Over Massive Illegal Robocall Operation

The U.S. Department of Justice DoJ on Tuesday said it reached a settlement with VoIP service provider XCast over allegations that it facilitated illegal telemarketing campaigns since at least January 2018, in contravention of the Telemarketing Sales Rule TSR. In addition to prohibiting the compan...

Operation RusticWeb: Coordinated Strikes on Indian Government

Summary: Since October 2023, an orchestrated phishing campaign named Operation RusticWeb has been systematically targeting the Indian government and defense sector, deploying Rust-based malware for sophisticated intelligence gathering. Threat Level - Amber | Attack Report For a detailed threat...

web2.gov.mb.ca Cross Site Scripting vulnerability OBB-3823563

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Operation RusticWeb: Rust-Based Malware Targets Indian Government Entities

Indian government entities and the defense sector have been targeted by a phishing campaign that's engineered to drop Rust-based malware for intelligence gathering. The activity, first detected in October 2023, has been codenamed Operation RusticWeb by enterprise security firm SEQRITE. "New...

Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists

The Solntsepek group has taken credit for the attack. Theyre linked to the Russian military, so its unclear whether the attack was government directed or freelance. This is one of the most significant cyberattacks since Russia invaded in February 2022...