SonicWALL SSL-VPN provides secure remote access to an organization’s internal network and resources through an encrypted SSL connection. This kind of VPN is great for giving employees and partners secure access to internal applications and data from remote locations. A hacker is selling a $1000 exploit that targets SonicWALL SSL-VPN …

The banking trojan “Grandoreiro” is spreading widely through a phishing campaign in over 60 countries, aiming at customer accounts of about 1,500 banks. In January 2024, a joint international law enforcement operation involving Brazil, Spain, Interpol, ESET, and Caixa Bank revealed the disruption of a malware operation. The malware had …

Australian police are investigating a big data breach in a healthcare company after a ransomware attack on Thursday. The website and hotline of MediSecure, a company based in Melbourne, were offline after a breach occurred. This was confirmed by a statement from the electronic prescription service provider. No group has …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that two security flaws in D-Link routers have been added to its list of actively exploited vulnerabilities. The list of vulnerabilities is as follows: CVE-2014-100005 : A vulnerability that allows an attacker to manipulate D-Link DIR-600 router configurations by taking over …

The “Antidot” Android Banking Trojan pretends to be a Google Play update app and targets Android users in different regions. It uses VNC and overlay techniques to steal credentials. Cyble Research and Intelligence Labs (CRIL) found that the new Android Banking Trojan, called “Antidot,” pretends to be a Google Play …

CISA published a guide on using Encrypted Domain Name System (DNS) for federal civilian agencies to improve cybersecurity and meet OMB Memorandum M-22-09 requirements. Traditionally, the DNS protocol didn’t have ways to make sure requests and responses were confidential, secure, or authentic. However, the M-22-09 guideline requires agencies to encrypt …

Cyble Research and Intelligence Labs found that two cyber threat groups, Transparent Tribe (APT36) and SideCopy, are using advanced strategies to target India, putting both public and private sectors at risk. Cyble Research and Intelligence Labs (CRIL) found that two APT groups, Transparent Tribe (APT36) and SideCopy, are using advanced …

Recorded Future’s Insikt Group has discovered a major cyber threat campaign carried out by Russian-speaking hackers, possibly located in the Commonwealth of Independent States (CIS). This campaign misuses GitHub, a platform for software development, to spread different malware. The report explains how attackers pretend to be popular software like 1Password, …

CISA issued seventeen advisories about Industrial Control Systems (ICS) on May 16, 2024. These advisories give important information about security problems, weaknesses, and attacks related to ICS. ICSA-24-137-01 Siemens Parasolid ICSA-24-137-02 Siemens SICAM Products ICSA-24-137-03 Siemens Teamcenter Visualization and JT2Go ICSA-24-137-04 Siemens Polarion ALM ICSA-24-137-05 Siemens Simcenter Nastran ICSA-24-137-06 Siemens …

Intel released 41 security advisories this Patch Tuesday, which contain information about over 90 vulnerabilities in their products. The company has fixed most of the vulnerabilities with patches and provided some mitigations for others. The most significant flaw is CVE-2024-22476. It is rated as ‘critical’ and has a severity score …