Lucene search
K

78 matches found

The Hacker News
The Hacker News
added 2025/01/18 6:6 a.m.7 views

U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon

The U.S. Treasury Department's Office of Foreign Assets Control OFAC has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. "People's Republic of China-linked...

7.3AI score
Exploits0
CISA
CISA
added 2024/11/12 12:0 p.m.5 views

CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities

Today, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies details on the top Common...

7.2AI score
Exploits0References2
ICS
ICS
added 2024/10/16 12:0 p.m.56 views

Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

Summary The Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, the National Security Agency NSA, the Communications Security Establishment Canada CSE, the Australian Federal Police AFP, and Australian Signals Directorate's Australian Cyber Security...

10CVSS8.3AI score0.99512EPSS
Exploits75References90
CISA
CISA
added 2024/10/16 12:0 p.m.4 views

CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force

Today, CISA—with the Federal Bureau of Investigation FBI, the National Security Agency NSA, and international partners—released joint Cybersecurity Advisory Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure. This advisory provides known indicators...

7.1AI score
Exploits0References3
CISA
CISA
added 2024/09/05 12:0 p.m.5 views

FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure

Today, the Federal Bureau of Investigation FBI—in partnership with CISA, the National Security Agency NSA, and other U.S. and international partners—released a joint Cybersecurity Advisory Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure. This advisory provides...

6.9AI score
Exploits0References5
CISA
CISA
added 2024/08/28 12:0 p.m.4 views

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Today, CISA—in partnership with the Federal Bureau of Investigation FBI and the Department of Defense Cyber Crime Center DC3—released Iran-based Cyber Actors Enabling Ransomware Attacks on U.S. Organizations. This joint advisory warns of cyber actors, known in the private sector as Pioneer Kitten...

6.9AI score
Exploits0References6
ICS
ICS
added 2024/08/28 12:0 p.m.67 views

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Summary The Federal Bureau of Investigation FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of Defense Cyber Crime Center DC3 are releasing this joint Cybersecurity Advisory CSA to warn network defenders that, as of August 2024, a group of Iran-based cyber actors...

10CVSS10AI score0.99999EPSS
Exploits239References98
HackRead
HackRead
added 2024/01/15 9:29 p.m.21 views

Anonymous Sudan Claims London Internet Exchange Attack Over Yemen Strikes

By Deeba Ahmed Anonymous Sudan is a pro-Russia hacktivist group, and their emergence aligns with the rise of other pro-Russian cyber actors since the beginning of the Ukraine war. This is a post from HackRead.com Read the original post: Anonymous Sudan Claims London Internet Exchange Attack Over...

7.3AI score
Exploits0
CISA
CISA
added 2023/12/04 12:0 p.m.9 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-42917 Apple Multiple Products WebKit Memory Corruption Vulnerability CVE-2023-42916 Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability These types...

8.8CVSS7.2AI score0.17963EPSS
In wildExploits0References7
CISA
CISA
added 2023/12/01 12:0 p.m.5 views

CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs

Today, CISA, the Federal Bureau of Investigation FBI, National Security Agency NSA, Environmental Protection Agency EPA, and the Israel National Cyber Directorate INCD released a joint Cybersecurity Advisory CSA IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors in response to the acti...

7.2AI score
Exploits0References2
ICS
ICS
added 2023/12/01 12:0 p.m.47 views

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

Actions to take today to mitigate malicious activity: 1. Implement multifactor authentication. 2. Use strong, unique passwords. 3. Check PLCs for default passwords...

9.8CVSS9.1AI score0.02089EPSS
Exploits0References63
Cisco
Cisco
added 2023/09/27 1:50 p.m.6 views

Reports about Cyber Actors Hiding in Router Firmware

On September 27, 2023, the U.S. National Security Agency NSA, the U.S. Federal Bureau of Investigation FBI, the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Japan National Police Agency NPA, and the Japan National Center of Incident Readiness and Strategy for Cybersecurity NISC...

7.3AI score
Exploits0References1
CISA
CISA
added 2023/09/27 12:0 p.m.5 views

NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors

Today, the U.S. National Security Agency NSA, Federal Bureau of Investigation FBI, and Cybersecurity and Infrastructure Security Agency CISA, along with the Japan National Police Agency NPA and the Japan National Center of Incident Readiness and Strategy for Cybersecurity NISC released joint...

7.3AI score
Exploits0References4
Malwarebytes
Malwarebytes
added 2023/08/29 2:30 p.m.39 views

FBI confirms Barracuda patch is not effective for exploited ESG appliances

In an FBI Flash about a Barracuda ESG vulnerability, listed as CVE-2023-2868, the FBI has stated that the patches released by Barracuda in response to this CVE were ineffective for anyone previously infected. Although both Barracude and Mandiant have already made this determination, the agency sa...

7.5CVSS7.1AI score0.86956EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/06/23 12:0 a.m.83 views

Barracuda Email Security Gateway < 9.2.0.008 Command Injection (CVE-2023-2868)

According to its self-reported version, the Barracuda Email Security Gateway on the remote web server is 9.2.0.008. It is, therefore, affected by a command injection vulnerability in the processing of .tar files that could allow a remote, unauthenticated attacker to execute arbitrary commands wit...

9.8CVSS9.1AI score0.86956EPSS
Exploits3References6
Malwarebytes
Malwarebytes
added 2023/06/19 3:0 p.m.13 views

US dangles $10 million reward for information about Cl0p ransomware gang

The US Department of States national security rewards program, Rewards for Justice RFJ, is offering a reward of up to $10 million for information linking the Cl0p ransomware gang, or any other malicious cyber actors targeting US critical infrastructure, to a foreign government. Advisory from...

6.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/05/31 11:45 a.m.14 views

CISA issues warning to US businesses: Beware of China's state-sponsored cyber actor

The US Cybersecurity and Infrastructure Security Agency CISA has an urgent message for US businesses: watch out for Volt Typhoon, a threat actor sponsored by the Peoples Republic of China PRC. The agency's joint Cybersecurity Advisory CSA published last week highlights a cluster of tactics,...

7.1AI score
Exploits0
CISA
CISA
added 2023/05/09 12:0 p.m.3 views

CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors

Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and...

7AI score
Exploits0References4
CISA
CISA
added 2023/02/10 12:0 a.m.10 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly...

1.7AI score
Exploits0References5
CISA
CISA
added 2023/02/08 12:0 a.m.77 views

CISA and FBI Release ESXiArgs Ransomware Recovery Guidance

Today, CISA and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in...

1.7AI score
Exploits0References2
Rows per page
Query Builder