Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
In 2021, threat actors aggressively exploited newly disclosed critical software vulnerabilities to hit a broad set of targets worldwide, says the latest advisory published by the US Cybersecurity and Infrastructure Security Agency. Most exploited vulnerabilities, new and old Compiled by cybersecurity authorities from the Five Eyes intelligence alliance, the list of top 15 CVEs routinely […]
Continue Reading
Five new research reports outlining malware detected on compromised Pulse Secure devices were issued this week by the US Cybersecurity and Infrastructure Security Agency (CISA). Adversaries have been targeting Pulse Connect Secure VPN appliances to exploit a variety of vulnerabilities, including CVE-2021-22893 and CVE-2021-22937, which were found earlier this year. CISA issued an alert […]
Continue ReadingThe patch for a vulnerability (CVE-2020-8260) in Pulse Connect Secure VPN devices that attackers have been exploiting in the wild can be bypassed, security researcher Rich Warren has found. This new patch bypass vulnerability that could lead to remote code execution has been assigned a separate identification number (CVE-2021-22937) and has been fixed by Ivanti […]
Continue Reading
A detailed warning concerning almost 13 malware samples associated with Pulse Secure operated devices has been issued by the Cybersecurity and Infrastructure Security Agency (CISA). These specimens were flown beneath the anti-virus radar. In Pulse Connect Secure’s suite of virtual private network (VPN) devices, at least two main hacker groups have distributed a dozen […]
Continue ReadingU.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published a security alert related to the discovery of 13 malware samples on compromised Pulse Secure devices, many of which were undetected by antivirus products. Experts pointed out […]
Continue ReadingChina-linked APT breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. China-linked threat actors breached the network of the New York City’s Metropolitan Transportation Authority (MTA) network exploiting a Pulse Secure zero-day. The intrusion took place in April, but attackers did not cause any damage because they were […]
Continue Reading
Several hacker groups that are supposed to support Chinese long-term economic goals continue in the defense, high-tech, public, transportation, and financial services industry networks in the US and Europe. Many breaches have taken place wherein attacks by Chinese threat actors penetrated Pulse Secure VPN devices to break into an organization’s network and steal confidential […]
Continue Reading
Supermicro, a U.S.-based information technology firm and VPN provider Pulse Secure have released their advisories regarding the vulnerabilities of their motherboards to the TrickBot malware’s Unified Extensible Firmware Interface (UEFI) firmware-infecting module, called Trickboot. Last year, cybersecurity companies Advanced Intelligence and Eclypsium launched a joint report regarding a new malicious firmware-targeting ‘TrickBoot’ module delivered […]
Continue ReadingThe COVID-19 pandemic has not impacted the adoption of zero trust technology globally, a Pulse Secure report reveals. In fact, 60% of organizations said they have accelerated zero trust implementation during the pandemic. The report surveyed more than 250 technology professionals. The newly published report examines how enterprises are moving forward with zero trust networking […]
Continue ReadingThe US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or have exploited in attacks. “Most of the vulnerabilities […] can be exploited to gain initial access to victim networks using products that are directly accessible from the Internet and act as […]
Continue Reading