4 matches found
Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations
Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control C2. The tech giant, which discovered the activity in late October 2024, said the malware was hosted on a compromise...
CVE-2024-11155
Rockwell Automation Arena contains a use-after-free vulnerability in parsing DOE files that could allow an attacker to execute arbitrary code. The issue affects Arena versions prior to 16.20.06 (per Nessus and related advisories). Exploitation requires a legitimate user to run the malicious DOE c...
Continued Threat Actor Exploitation Post Pulse Secure VPN Patching
Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT&CK® framework. See the ATT &CK for Enterprise framework for all referenced threat actor techniques and mitigations. This Alert provides an update to Cybersecurity and Infrastructure Security...
Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902
Summary The Cybersecurity and Infrastructure Security Agency CISA is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. F5 released a patch for CVE-2020-5902 on June 30, 2020.1 Unpatched F5 BIG-IP...