CISA

2 minute read

APT Actors Exploited Telerik Vulnerability in Govt IIS Server – CISA

According to a joint advisory from the US CISA (Cybersecurity and Infrastructure Security Agency), the FBI (Federal Bureau…

March 16, 2023

2 minute read

CISA Offers Recovery Tool for ESXiArgs Ransomware Victims

The recovery tool is available on GitHub for free.

February 8, 2023

Log4Shell - Iranian Hackers Accessed Domain Controller of US Federal Network

2 minute read

Security

Log4Shell – Iranian Hackers Accessed Domain Controller of US Federal Network

The attack, according to authorities, was launched on the Federal Civilian Executive Branch (FCEB).

November 19, 2022

Targeting Satellite? CISA, FBI Warns of Attacks on SATCOM Network Providers

2 minute read

Security

Targeting Satellite? CISA, FBI Warns of Attacks on SATCOM Network Providers

This advisory comes amid an investigation spearheaded by investigation teams from the US and Europe regarding service outages…

March 18, 2022

CISA Publishes List of Free Cybersecurity Tools and Services

2 minute read

Security

CISA Publishes List of Free Cybersecurity Tools and Services

The list is created to achieve goals from CISA’s recommendations that are part of the “CISA Insights: Implement Cybersecurity…

February 21, 2022

CISA warns of trojanized versions of JavaScript library's NPM package

2 minute read

News

CISA warns of trojanized versions of JavaScript library’s NPM package

The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository.

October 23, 2021

CISA - Ransomware hit SCADA systems of 3 US water facilities

2 minute read

CISA – Ransomware targeted SCADA systems of 3 US water facilities

US has warned of more ransomware attacks on IT and OT networks of country's Water and Wastewater Systems (WWS) Sector facilities.

October 15, 2021

Russia arrests boss of top cyber security firm Group-IB

2 minute read

Security

NSA, CISA Release Guidelines to Secure VPNs

The NSA and CISA have published guidelines to secure virtual private networks (VPNs) as threat actors have been exploiting VPN vulnerabilities.

September 29, 2021

Unpatched on-premise Microsoft Exchange servers hit with ProxyShell attacks

3 minute read

Unpatched Microsoft Exchange servers hit with ProxyShell attack

Researchers have identified 140+ webshells launched against 1,900 unpatched Microsoft Exchange servers.

August 26, 2021

ZOLL Defibrillator management software vulnerable to RCE flaws

2 minute read

Security

Prominent defibrillator management tool exposed to remote attacks

High-Risk security flaws found and patched in ZOLL defibrillator management software. Here's what happened and what was vulnerable.

June 21, 2021

The Latest

Researcher create polymorphic Blackmamba malware with ChatGPT

Owner of Breach Forums Pompompurin Arrested in New York

New Vishing Attack Spreading FakeCalls Android Malware

Chinese Hackers Exploiting 0-day Vulnerability in Fortinet Products

CISA

APT Actors Exploited Telerik Vulnerability in Govt IIS Server – CISA

CISA Offers Recovery Tool for ESXiArgs Ransomware Victims

Log4Shell – Iranian Hackers Accessed Domain Controller of US Federal Network

Targeting Satellite? CISA, FBI Warns of Attacks on SATCOM Network Providers

CISA warns of trojanized versions of JavaScript library’s NPM package

CISA – Ransomware targeted SCADA systems of 3 US water facilities

NSA, CISA Release Guidelines to Secure VPNs

Unpatched Microsoft Exchange servers hit with ProxyShell attack

Prominent defibrillator management tool exposed to remote attacks

Researcher create polymorphic Blackmamba malware with ChatGPT

Owner of Breach Forums Pompompurin Arrested in New York

New Vishing Attack Spreading FakeCalls Android Malware

Chinese Hackers Exploiting 0-day Vulnerability in Fortinet Products

Fake Telegram and WhatsApp clones aim at crypto on Android and Windows