Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware

A new cyber attack campaign has been observed using spurious MSIX Windows app package files for popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to distribute a novel malware loader dubbed GHOSTPULSE. "MSIX is a Windows app package format that developers can leverage to package, distribute, and install their applications to Windows users," Elastic

The Hacker News
Open in Source
#web#windows#google#microsoft#cisco#js#git#oracle#chrome#The Hacker News
YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group

A relatively new threat actor known as YoroTrooper is likely made of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting of Kazakhstani entities, barring the government's Anti-Corruption Agency. "YoroTrooper attempts to obfuscate the

Kazakh Attackers, Disguised as Azerbaijanis, Hit Former Soviet States

The YoroTrooper group claims to be from Azerbaijan and even routes its phishing traffic through the former Soviet republic.

9 vulnerabilities found in VPN software, including 1 critical issue that could lead to remote code execution

Attackers could exploit these vulnerabilities in the SoftEther VPN solution for individual and enterprise users to force users to drop their connections or execute arbitrary code on the targeted machine.

Kazakhstan-associated YoroTrooper disguises origin of attacks as Azerbaijan

Cisco Talos assesses with high confidence that YoroTrooper, an espionage-focused threat actor first active in June 2022, likely consists of individuals from Kazakhstan based on their use of Kazakh currency and fluency in Kazakh and Russian.

15 Best SaaS SEO Experts That Will Help You Dominate Online

By Owais Sultan Looking for a SaaS SEO consultant? We’ve rounded up the top 15 SaaS SEO experts you need to… This is a post from HackRead.com Read the original post: 15 Best SaaS SEO Experts That Will Help You Dominate Online

Attacks on web applications spike in third quarter, new Talos IR data shows

We observed the BlackByte ransomware group’s new variant, BlackByte NT, for the first time in addition to the previously seen LockBit ransomware, which continues to be the top observed ransomware family in Talos IR engagements.

Rockwell Automation Stratix 5800 and Stratix 5200

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: Rockwell Automation Equipment: Stratix 5800 and Stratix 5200 Vulnerabilities: Unprotected Alternate Channel 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to take control of the affected system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Stratix products and the contained Cisco IOS software are affected: Stratix 5800 (running Cisco IOS XE Software with the Web UI feature enabled): All versions Stratix 5200 (running Cisco IOS XE Software with the Web UI feature enabled): All versions 3.2 Vulnerability Overview 3.2.1 UNPROTECTED ALTERNATE CHANNEL CWE-420 Rockwell Automation is aware of active exploitation of a previously unknown vulnerability in the web user interface feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability al...

They Cracked the Code to a Locked USB Drive Worth $235 Million in Bitcoin. Then It Got Weird

Stefan Thomas lost the password to an encrypted USB drive holding 7,002 bitcoins. One team of hackers believes they can unlock it—if they can get Thomas to let them.