Summary: Cisco has issued a security advisory regarding a vulnerability in ClamAV’s OLE2 file decryption routine, tracked as CVE-2025-20128. This vulnerability could allow unauthenticated remote attackers to cause a denial of service (DoS) condition on affected devices by exploiting an integer underflow during a bounds check.…
Tag: CLOUD
Summary: The modern workplace has shifted towards hybrid work, increasing reliance on cloud-based SaaS applications, which has led to heightened cyberthreats. The 2025 State of SaaS Backup and Recovery Report reveals alarming trends in data loss and recovery confidence among IT professionals. Organizations are urged to strengthen their data resilience strategies to navigate these challenges effectively.…
Victim: CENTRIC.EU
Country: NL
Actor: clop
Source: http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad.onion/centric-eu
Discovered: 2025-01-24 08:06:41.814552
Published: 2025-01-24 08:06:41.814552
Description:
Centric.EU is an information technology company located in Europe.
Offers inventive and reliable IT solutions.
Specializes in software development and IT outsourcing.
Provides cloud services and managed services.
Engages in business process outsourcing and mobility solutions.…
This article discusses the latest MITRE ATT&CK® Evaluations for 2024, focusing on advanced threats such as ransomware and macOS attacks. It highlights Cybereason’s MalOp™ technology, which offers a comprehensive view of attacker activities, enhancing security operations by reducing alert fatigue and improving incident response. Affected: Windows, macOS
Keypoints:
The MITRE ATT&CK® Evaluations assess how well security vendors combat advanced threats.…
Summary: A recent report reveals a shift in credential harvesting tactics, with attackers now targeting lesser-known services like Gravatar and telecommunication companies such as AT&T and Comcast. By exploiting Gravatar’s “Profiles as a Service,” attackers create fake profiles to deceive users into revealing their login credentials.…
A recent report reveals that multiple cybersecurity firms have had their account credentials leaked and are being sold on the dark web. This poses risks not only to the companies involved but also to their customers. Additionally, the Ministry of Industry and Information Technology highlights the ongoing threat of the Androxgh0st botnet, which targets IoT devices and network infrastructure.…
Recent vulnerabilities in Ivanti Cloud Service Appliances (CSA) pose significant risks, allowing adversaries to exploit them through various chains. The CISA and FBI alert highlights the need for immediate action, as attackers have been able to gain access, execute remote code, and compromise sensitive networks. Affected: Ivanti Cloud Service Appliances, Enterprise Security
Keypoints:
Ivanti Cloud Service Appliances (CSAs) face critical vulnerabilities tracked as CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380.…
LockBit 3.0 ransomware primarily targets Windows systems, exploiting vulnerabilities in Active Directory and Microsoft Exchange Server. It employs various tactics for initial access, data encryption, and data exfiltration, threatening victims with public data leaks unless ransoms are paid. LockBit has been particularly active in sectors such as healthcare, finance, and critical infrastructure, leveraging advanced techniques to evade detection.…
Summary: The Justice Department has indicted five individuals for facilitating a scheme that allowed North Korean nationals to secure employment with U.S. companies, generating substantial revenue for the North Korean government. The operation involved using forged documents and remote access software to enable North Koreans to work from abroad while laundering the earnings through a Chinese bank account.…
Summary: The FBI has issued a warning about North Korean IT workers who exploit their access to steal source code and extort U.S. companies. These workers often impersonate legitimate staff and utilize various tactics to conceal their identities, posing significant security risks to organizations. The FBI has recommended measures to mitigate these threats, including verifying identities and monitoring network activity.…
Summary: LinkedIn Premium customers are suing the platform for allegedly sharing their private messages with third parties without consent to train AI models. The lawsuit claims that LinkedIn enabled data sharing by default and failed to adequately disclose this in its privacy policy. Users argue that their messages are now embedded in AI models, which cannot be reversed, raising significant privacy concerns.…
Summary: Cyber Insights 2025 explores expert predictions on the evolution of malware, focusing on ransomware, the influence of AI, and the impact of geopolitics. As cybercriminals adapt their tactics, ransomware remains a prevalent threat, while advancements in AI may lead to faster and more sophisticated attacks.…
Summary: Cyberattackers are exploiting multiple Ivanti vulnerabilities to compromise the company’s Cloud Service Appliance (CSA). CISA and the FBI have identified several critical vulnerabilities that allow attackers to gain initial access and execute remote code on victim networks. Organizations are urged to upgrade their systems and implement detection methods to mitigate these threats.…
Summary: QNAP has addressed six critical vulnerabilities in its HBS 3 Hybrid Backup Sync software that could allow attackers to execute remote code on unpatched NAS devices. These vulnerabilities, identified as CVE-2024-12084 through CVE-2024-12747, can be exploited by attackers with anonymous read access to the vulnerable servers.…
Victim: WorldNet Telecommunications LLC
Country: PR
Actor: akira
Source:
Discovered: 2025-01-23 14:50:37.795226
Published: 2025-01-23 14:50:32.167431
Description:
WorldNet provides a comprehensive range of technology solutions for companies.
Services include digital security, IT consulting, and voice and data services.
Offers cloud services and broadband Internet solutions.…
Summary: Organizations are facing challenges in managing and retrieving data stored across multiple applications, making enterprise search increasingly complex. Doti AI, a new AI-powered platform, aims to streamline data access while ensuring data security by consolidating information and implementing strict access controls. The platform allows users to efficiently find relevant information within their workflows without compromising sensitive data.…
Summary: Finnish authorities are investigating the Eagle S oil tanker for potentially severing subsea cables intentionally on Christmas Day. The investigation is ongoing, with suspicions raised about the crew’s actions while dragging the anchor for an extended distance. The case has sparked debate over whether the incidents are accidental or part of a deliberate pattern of behavior.…
Cado’s export capabilities enhance security operations by streamlining data flow between SIEMs, ticketing systems, and forensic platforms. This integration reduces manual errors, improves efficiency, and ensures timely incident resolution. Affected: Cado platform, SIEMs, ticketing systems
Keypoints:
Modern SOCs face challenges with manual data transfers and incompatible formats.…
Summary: Cisco has released patches for three vulnerabilities, including a critical flaw in Meeting Management that allows remote attackers to gain administrator privileges. Additionally, a high-severity bug in Cisco BroadWorks could lead to denial-of-service conditions, while a medium-severity issue in ClamAV could crash the scanning process.…
Summary: Cisco has issued critical software updates to address a privilege escalation vulnerability (CVE-2025-20156) in its Meeting Management system, allowing remote attackers to gain administrator access. Additionally, patches were released for a denial-of-service (DoS) flaw in BroadWorks and an integer underflow bug in ClamAV. The vulnerabilities highlight ongoing security challenges faced by organizations using Cisco products.…