Incus Allocation of Resources Without Limits allows firewall rule bypass on managed bridge networks

Summary When using an ACL on a device connected to a bridge, Incus generates nftables rules for local services DHCP, DNS... that partially bypass security options security.macfiltering, security.ipv4filtering and security.ipv6filtering. This can lead to DHCP pool exhaustion and opens the door for...

TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversar...

Hackers Exploit Critical Flaw in Ghost Platform with Cryptojacking Attack

Hackers targeted the publishing platform Ghost over the weekend, launching a cryptojacking attack against its servers that led to widespread outages. The attack stemmed from the exploit of critical vulnerabilities in SaltStack, used in Ghost’s server management infrastructure. Ghost is a free,...