Tuesday , April 1 2025

infosecbulletin

CVE-2025-20029
PoC Exploit Released for F5 BIG-IP Command Injection Vuln

F5 BIG-IP

Security researchers have released a proof-of-concept exploit for CVE-2025-20029, a serious command injection vulnerability in F5’s BIG-IP application delivery controllers. The flaw has a CVSS v3.1 score of 8.8 and allows authenticated attackers to execute arbitrary system commands due to improper handling of special elements in the iControl REST API …

Read More »

By 1 April 2025
Australia Bans Kaspersky on its govt systems and devices

Kaspersky

On February 21, the Australian Department of Home Affairs issued a directive prohibiting the installation of Kaspersky Lab products and services on all Australian government systems and devices. The directive under the protective security policy framework (PSPF) mandates federal entities to eliminate “all instances” of Kaspersky’s products. Home Affairs secretary …

Read More »

B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum

1 million

On February 19, 2025, the illegal marketplace B1ack’s Stash released over 1 million unique stolen credit and debit card details for free. This approach mirrors the strategy used by BidenCash, where criminals distribute stolen data widely to attract attention to their marketplace. On February 17, a popular deep web forum …

Read More »

Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Salt Typhoon

Cisco Talos reported that  Salt Typhoon, also known as FamousSparrow and GhostEmperor, has been spying on U.S. telecommunication providers using a custom tool called JumbledPath. Active since at least 2019, they have targeted government entities and telecom companies. Salt Typhoon is still targeting telecommunications providers worldwide, and according to a …

Read More »

AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets

exposed AWS

A free tool is now available to scan public GitHub repositories for exposed AWS credentials. Security engineer Anmol Singh Yadav created AWS-Key-Hunter after discovering over 100 exposed AWS access keys, many with high privileges, in public repositories. He described these findings as “just waiting to be exploited” in his blog about …

Read More »

Check Point Flaw Used to Deploy ShadowPad and Ransomware

ShadowPad

An unknown threat cluster has targeted European healthcare organizations, deploying PlugX and ShadowPad. In some cases, these intrusions resulted in the use of ransomware called NailaoLocker. Orange Cyberdefense CERT’s Green Nailao campaign targeted a newly patched security flaw (CVE-2024-24919, CVSS score: 7.5) in Check Point network gateway products. The attacks …

Read More »

CVE-2024-12284
Citrix Issues Security Update for NetScaler Console

Citrix

Citrix has issued security updates for a serious vulnerability in the NetScaler Console and NetScaler Agent that could allow privilege escalation in specific situations. The vulnerability, identified as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0 It involves improper handling of user …

Read More »

CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries

Ghost ransomware

The FBI and CISA reported on Wednesday that the ransomware group Ghost has been exploiting software and firmware vulnerabilities as recently as January. The group targets internet services with old, unpatched vulnerabilities that users could have addressed years ago. Cybersecurity researchers began alerting the public about the group in 2021. …

Read More »

Hacker chains multiple vulns to attack Palo Alto Firewall

Palo Alto

Palo Alto Networks has issued urgent warnings about threat actors to exploit vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. Coordinated attacks can exploit flaws in authentication and privilege escalation to gain unauthorized access to unpatched devices, threatening the security of enterprise networks. CVE-2025-0108 is a serious authentication …

Read More »