Data Breach News, News, Vulnerabilities
November 21, 2023
495 views 12 secs 0

Citrix warns admins to kill NetScaler user sessions to block hackers

Earlier today, CISA issued an advisory: StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability. The advisory includes TTPs and IOCs obtained from FBI, ACSC, and voluntarily shared by Boeing following its recent attack by LockBit that resulted in their data being leaked. Boeing observed LockBit 3.0 affiliates exploiting CVE-2023-4966, to obtain initial […]

Data Breach News, News, Vulnerabilities
November 09, 2023
1017 views 43 secs 0

Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

Bleeping Computer reports: Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. SysAid is a comprehensive IT Service Management (ITSM) solution that provides a suite of tools for managing various IT services within an organization. The Clop ransomware is notorious […]

Legal News, Vulnerabilities
October 25, 2023
1048 views 16 secs 0

Hackers leveraging AI: vulnerability for law firms

Don Nokes of NetCenergy, an outsourced IT service provider, explains the emerging threat and provides this example: Once the bad actors learn (possibly from first hacking a firm’s email) that a financial transaction is taking place, they send an AI-generated voice message to confirm where to send the funds. The fund transferer hears the familiar […]

New Threats, Vulnerabilities
September 20, 2023
1154 views 37 secs 0

Lazarus Group Exploits ManageEngine Vulnerability

HC3: Sector AlertTLP:CLEARReport: 202309181700 Executive Summary Cisco Talos has published an open-source report regarding the North Korean state-sponsored actor, the Lazarus Group, reported to be targeting internet backbone infrastructure and healthcare entities in Europe and the United States. The attackers have been exploiting a vulnerability in ManageEngine products, which is tracked as CVE-2022-47966. This vulnerability […]