CISA and Partners Release Advisory on Ghost (Cring) Ransomware

Today, CISA—in partnership with the Federal Bureau of Investigation FBI and Multi-State Information Sharing and Analysis Center MS-ISAC—released a joint Cybersecurity Advisory, StopRansomware: Ghost Cring Ransomware. This advisory provides network defenders with indicators of compromise IOCs,...

New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants

Cisco Talos recently discovered a new malware family were calling "HTTPSnoop" being deployed against telecommunications providers in the Middle East. HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to liste...

A Financially Motivated Threat Group UNC961 Targeting North American Organizations

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary UNC961 is a financially motivated cyber threat group that targets organizations in North America, with a focus on exploiting vulnerable Internet-facing servers during periods of vulnerability and exploit...

KillNet hits healthcare sector with DDoS attacks

At the end of January, the Health Sector Cybersecurity Coordination Center warned that the KillNet group is actively targeting the US healthcare sector with distributed denial-of-service DDoS attacks. The Cybersecurity and Infrastructure Security Agency CISA says it helped dozens of hospitals...

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Thousands of Citrix Application Delivery Controller ADC and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the company over the last few months. The issues in question are CVE-2022-27510 and CVE-2022-27518 CVSS scores: 9.8, which were addressed by the virtualizati...

Understanding How Hackers Recon

Cyber-attacks keep increasing and evolving but, regardless of the degree of complexity used by hackers to gain access, get a foothold, cloak their malware, execute their payload or exfiltrate data, their attack will begin with reconnaissance. They will do their utmost to uncover exposed assets an...

Persistent Cross Site Scripting Vulnerability

We have identified and fixed a persistent cross-site scripting XSS vulnerabilities that affects Stash instances, including publicly available instances that is, Internet-facing servers. XSS vulnerabilities allow an attacker to embed their own JavaScript into a Stash page. More information is...

Persistent Cross Site Scripting Vulnerability

We have identified and fixed a persistent cross-site scripting XSS vulnerabilities that affects Stash instances, including publicly available instances that is, Internet-facing servers. XSS vulnerabilities allow an attacker to embed their own JavaScript into a Stash page. More information is...