Saturday, February 22, 2025

TimeLine Layout

February, 2025

  • 22 February

    B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum

    On February 19, 2025, the illegal marketplace B1ack’s Stash released over 1 million unique stolen credit and debit card details for free. This approach mirrors the strategy used by BidenCash, where criminals distribute stolen data widely to attract attention to their marketplace. On February 17, a popular deep web forum …

  • 22 February

    Cisco Confirms
    Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

    Cisco Talos reported that Salt Typhoon, also known as FamousSparrow and GhostEmperor, has been spying on U.S. telecommunication providers using a custom tool called JumbledPath. Active since at least 2019, they have targeted government entities and telecom companies. Salt Typhoon is still targeting telecommunications providers worldwide, and according to a …

  • 20 February

    AWS Key Hunter
    Test this free automated tool to hunt for exposed AWS secrets

    A free tool is now available to scan public GitHub repositories for exposed AWS credentials. Security engineer Anmol Singh Yadav created AWS-Key-Hunter after discovering over 100 exposed AWS access keys, many with high privileges, in public repositories. He described these findings as “just waiting to be exploited” in his blog about …

  • 20 February

    Check Point Flaw Used to Deploy ShadowPad and Ransomware

    An unknown threat cluster has targeted European healthcare organizations, deploying PlugX and ShadowPad. In some cases, these intrusions resulted in the use of ransomware called NailaoLocker. The campaign, which Orange Cyberdefense CERT tracks as Green Nailao, targeted a newly patched security flaw (CVE-2024-24919, CVSS score: 7.5) in Check Point network gateway products. The attacks …

  • 20 February

    CVE-2024-12284
    Citrix Issues Security Update for NetScaler Console

    Citrix has issued security updates for a serious vulnerability in the NetScaler Console and NetScaler Agent that could allow privilege escalation in specific situations. The vulnerability, identified as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0. It involves improper handling of user …

  • 20 February

    CISA and FBI ALERT
    Ghost ransomware to breach organizations in 70 countries

    The FBI and CISA reported on Wednesday that the ransomware group Ghost has been exploiting software and firmware vulnerabilities as recently as January. The group targets internet services with old, unpatched vulnerabilities that users could have addressed years ago. Cybersecurity researchers began alerting the public about the group in 2021. …

  • 20 February

    Hacker chains multiple vulns to attack Palo Alto Firewall

    Palo Alto Networks has issued urgent warnings about threat actors exploiting vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. Coordinated attacks can exploit flaws in authentication and privilege escalation to gain unauthorized access to unpatched devices, threatening the security of enterprise networks. CVE-2025-0108 is a serious authentication …

  • 18 February

    150 Govt. Portals Affected
    Black-Hat SEO Poisoning Hits Indian “.gov.in, .ac.in” Domains

    Indian government and educational websites, along with reputable financial brands, have experienced SEO poisoning, causing user traffic to be redirected to dubious sites promoting rummy and other investment games. Analysts at CloudSEK have found that threat actors are using black hat Search Engine Poisoning to promote Rummy and investment websites …

  • 18 February

    CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh

    The Cyber Threat Intelligence Unit of BGD e-GOV CIRT has found 600 vulnerable PRTG instances in Bangladesh, affected by the critical CVE-2018-19410 vulnerability. This flaw allows remote, unauthenticated attackers to create admin users, risking unauthorized access and data breaches. It primarily impacts PRTG Network Monitor versions prior to 18.2.40.1683 and …

  • 17 February

    Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru

    Amazon Web Services (AWS) has been named in an FIR after a builder claimed damages to the tune of Rs 150 crore over the loss of data stored with the cloud-service platform. The FIR was filed by the CCB’s Cyber Crime Police Station on February 11 following a complaint by …
