Threat actors have been actively exploiting chained vulnerabilities in Ivanti Cloud Service Appliances (CSA), significantly amplifying the impact of their cyber-attacks. The vulnerabilities—CVE-2024-8963, CVE-2024-9379, CVE-2024-8190 and CVE-2024-9380—were leveraged in September 2024 to breach systems, execute remote code (RCE), steal credentials…
Jan 23, 2025Ravie LakshmananFirmware Security / Vulnerability An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices’ firmware as well as misconfigured security features. “These weren’t obscure, corner-case…
A growing wave of arbitrage betting fraud, driven by automation and advanced money laundering techniques, has been forcing bookmakers to adopt stricter measures to protect their platforms. This type of fraud exploits pricing inefficiencies across betting markets, allowing fraudsters to…
Jan 23, 2025Ravie LakshmananThreat Intelligence / Data Breach An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads. The findings come from SentinelOne, which…
CISOs are gaining ground in the boardroom, but many of their C-suite peers believe there’s still work to be done to improve their business and soft skills, according new research by to Splunk. The Cisco company surveyed 500 CISOs or…
Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches[1],[2]. While identity-based attacks continue to dominate as the leading cause of security incidents, the common approach to…
Cybercriminals are selling access to a new malicious generative AI chatbot called GhostGPT. The AI tool is designed to assist with malicious activities such as malware creation and phishing emails. Researchers from Abnormal Security observed the cybercrime tool being sold…
Jan 23, 2025Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader. “BackConnect is a common feature or module utilized by…
Jan 23, 2025Ravie LakshmananNetwork Security / Vulnerability Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked as CVE-2025-20156,…
Jan 23, 2025Ravie LakshmananCloud Security / Cryptojacking Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. “This actor engaged in a variety of…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
