Ivanti Connect Secure zero-days exploited to deploy custom malware
Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple…
Ivanti warns critical EPM bug lets hackers hijack enrolled devices
Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack…
‘Operation Triangulation’ Spyware Attackers Bypass iPhone Memory Protections
The Operation Triangulation attacks are abusing undocumented functions in Apple chips to circumvent hardware-based security measures.
Strengthening Resilience: Navigating the Cybersecurity Landscape
The significance of cybersecurity resilience has never been higher as we grow more reliant on digital infrastructure.
Ivanti releases patches for 13 critical Avalanche RCE flaws
Ivanti has released security updates to fix 13 critical security vulnerabilities in the company's Avalanche enterprise mobile device management (MDM)…
Iranian ‘Seedworm’ Cyber Spies Target African Telcos & ISPs
Seedworm, aka MuddyWater, drops PowerShell-based malware on victims using living-off-the-land techniques.
Iran-Linked ‘OilRig’ Cyberattackers Target Israel’s Critical Infrastructure, Over & Over
The prolific APT repeatedly compromised targets in healthcare, manufacturing, and government with new lightweight downloaders that blend into network traffic…
Stealthy KV-botnet hijacks SOHO routers and VPN devices
The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named…
Lazarus hackers drop new RAT malware using 2-year-old Log4j bug
The notorious North Korean hacking group known as Lazarus continues to exploit CVE-2021-44228, aka "Log4Shell," this time to deploy three…
Lazarus Group Is Still Juicing Log4Shell, Using RATs Written in ‘D’
The infamous vulnerability may be on the older side at this point, but North Korea's primo APT Lazarus is creating…