On February 28, President Joe Biden issued a executive order with the intent of protecting Americans’ personal data from foreign threats. The data referred to is mainly sensitive and personal…
Category: Cyber Security
Chinese APT develops exploits to defeat patched Ivanti users
A Chinese spy group is on the verge of developing malware that can persist on Ivanti edge devices even after patches, updates and factory resets. When it rains it pours,…
Microsoft Zero Day used by Lazarus in rootkit attack
Microsoft updated a zero-day exploit in its AppLocker application whitelisting software, but not before the North Korean state-backed Lazarus group was able to exploit the flaw to launch a rootkit…
FBI and CISA release IoC for Phobos Ransomware
The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have released details on the tactics and techniques threat actors are using to deploy the Phobos ransomware strain on…
President Biden blocks mass transfer of personal data to high-risk nations
US President Joe Biden has issued an executive order banning the mass transfer of citizens’ personal data to countries of interest. The Executive Order also “provides assurances regarding other activities…
Corporate VPN vulnerabilities in the spotlight
Virtual private network (VPN) services have emerged as essential tools for modern businesses in recent years, doubly so since they helped save the day for many of them in the…
MITER launches 4 brand new CWEs for microprocessor security bugs
The MITER-led Common Weakness Enumeration (CWE) program has added four new microprocessor-related weaknesses to the community-developed list of common software and hardware weaknesses that result in exploitable vulnerabilities. The new…
Lazarus hackers have exploited the Windows kernel flaw as a zero-day in recent attacks
February 29, 2024PressroomRootkit/Threat Intelligence The infamous Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows kernel as zero-day to gain kernel-level access and disable security software…
Hugging Face AI platform filled with 100 malicious code execution models
Researchers have discovered around 100 machine learning (ML) models that have been uploaded to the artificial intelligence (AI) platform Hugging Face and potentially allow attackers to inject malicious code into…
New SAML Silver attack evades SAML Golden defenses in identity systems
February 29, 2024PressroomThreat Intelligence/Cyber Threats Cyber security researchers have revealed a new attack technique called SAML Silver which can be successful even in cases where mitigations against Golden SAML attacks…