PT-2026-29907

Name of the Vulnerable Software and Affected Versions Azure Databricks affected versions not specified Description Server-side request forgery ssrf in Azure Databricks allows an unauthorized attacker to elevate privileges over a network. Recommendations At the moment, there is no information abou...

CVE-2021-22943

A vulnerability found in UniFi Protect application V1.18.1 and earlier permits a malicious actor who has already gained access to a network to subsequently control the Protect cameras assigned to said network. This vulnerability is fixed in UniFi Protect application V1.19.0 and later...

UNC2891 Breaches ATM Network via 4G Raspberry Pi, Tries CAKETAP Rootkit for Fraud

The financially motivated threat actor known as UNC2891 has been observed targeting Automatic Teller Machine ATM infrastructure using a 4G-equipped Raspberry Pi as part of a covert attack. The cyber-physical attack involved the adversary leveraging their physical access to install the Raspberry P...

A Hacker Group Within Russia’s Notorious Sandworm Unit Is Breaching Western Networks

A team Microsoft calls BadPilot is acting as Sandworm's “initial access operation,” the company says. And over the last year it's trained its sights on the US, the UK, Canada, and Australia...

PT-2025-5873 · Bharti Airtel · Bharti Airtel Xstream Fiber

Name of the Vulnerable Software and Affected Versions: Bharti Airtel Xstream Fiber up to 20250123 Description: A vulnerability was found in the WiFi Password Handler component, leading to the use of weak credentials. The attack must be done within the local network and has a high complexity, maki...

Stopping a targeted attack on a Managed Service Provider (MSP) with ThreatDown MDR

In late January 2024, the ThreatDown Managed Detection and Response MDR team found and stopped a three-month long malware campaign against a Managed Service Provider MSP based in Europe. In line with our observations of attackers increasingly relying on legitimate software in their attacks, the...

U.S. State Government Network Breached via Former Employee's Account

The U.S. Cybersecurity and Infrastructure Security Agency CISA has revealed that an unnamed state government organization's network environment was compromised via an administrator account belonging to a former employee. "This allowed the threat actor to successfully authenticate to an internal...

Several hospitals still counting the cost of widespread ransomware attack

The 16 hospitals struck down by ransomware last week are still dealing with the fallout from the attack. The healthcare facilities located in Connecticut, Pennsylvania, Rhode island, and California had the ransomware attack confirmed by the FBI. Issues started to emerge last Thursday with patient...

Ubiquiti UniFi 安全漏洞

Ubiquiti UniFi is a wireless networking system from Ubiquiti USA. A security vulnerability exists in Ubiquiti UniFi OS version 3.1, which stems from a misconfiguration introduced in the console running the UniFi network that allows users on the local network to access MongoDB...

Tracking down a trojan: An inside look at threat hunting in a corporate network

At Malwarebytes, we talk a lot about the importance of threat hunting for SMBs--and not for no good reason, either. Just consider the fact that, when a threat actor breaches a network, they dont attack right away. The median amount of time between system compromise and detection is 21 days. By th...

Unauthorized Access Vulnerability in Beixingyuan Network Breach Monitoring and Alerting Platform

Beijing Beixinyuan Software Co., Ltd. is a comprehensive solution provider committed to becoming a smart security provider in the 5G era. There is an unauthorized access vulnerability in Beixinyuan's network violation monitoring and alerting platform, which can be exploited by attackers to obtain...

Uber Says It's Investigating a Potential Breach of Its Computer Systems

Ride hailing giant Uber disclosed Thursday it's responding to a cybersecurity incident involving a breach of its network and that it's in touch with law enforcement authorities. The New York Times first reported the incident. The company pointed to its tweeted statement when asked for comment on...

Cisco Confirms Network Breach After Employee’s Google Account was Hacked

By Deeba Ahmed Cisco has confirmed that its security was successfully breached by Yanluowang Ransomware Gang in May 2022. Networking giant… This is a post from HackRead.com Read the original post: Cisco Confirms Network Breach After Employees Google Account was Hacked...

Cisco Confirms Network Breach Via Hacked Employee Google Account

Cisco Systems revealed details of a May hack by the Yanluowang ransomware group that leveraged a compromised employee’s Google account. The networking giant is calling the attack a “potential compromise” in a Wednesday post by the company’s own Cisco Talos threat research arm. “During the...

Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers

Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers By Trellix · August 3, 2022 This story was written by Philippe Laulheret. Summary The Trellix Threat Labs Vulnerability Research team has found an unauthenticated remote code execution vulnerability, filed under...

SEC Filing Reveals Fortune 500 Firm Targeted in Ransomware Attack

Fortune 500 integrated services firm R.R.Donnelley & Sons RRD is the latest victim of the hacking collective known as the Conti Group. According to regulatory disclosures RRD was the victim of a network breach that resulted in stolen data in December. RRD, a global firm with 33,000 employees,...

New research shows IoT and OT innovation is critical to business but comes with significant risks

The need for much improved IoT and operational technology OT cybersecurity became clearer this year with recent attacks on network devices,1 surveillance systems,2 an oil pipeline,3 and a water treatment facility,4 to name a few examples. To better understand the challenges customers are facing,...

Panasonic Suffers Data Breach After Hackers Hack Into Its Network

Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had...

FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months

A threat actor has been exploiting a zero-day vulnerability in FatPipe’s virtual private network VPN devices as a way to breach companies and gain access to their internal networks, since at least May, the FBI has warned. “As of November 2021, FBI forensic analysis indicated exploitation of a 0-d...

SolarWinds Hack and the Case of DNS Security

It's not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it's the reason I didn't have a smoother transition back into work-life following a long vacation. As I understand it, the breaches happened after...