How to Protect Your Environment From the NTLM Vulnerability
This Tech Tip outlines what enterprise defenders need to do to protect their enterprise environment from the new NTLM vulnerability.
Malicious Rspack, Vant packages published using stolen NPM tokens
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish…
BadBox malware botnet infects 192,000 Android devices despite disruption
The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted…
Juniper warns of Mirai botnet scanning for Session Smart routers
Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...]
Russian hackers use RDP proxies to steal data in MiTM attacks
The Russian hacking group tracked as APT29 (aka "Midnight Blizzard") is using a network of 193 remote desktop protocol proxy servers…
Citrix shares mitigations for ongoing Netscaler password spray attacks
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to…
Cleo MFT Zero-Day Exploits Are About Escalate, Analysts Warn
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other…
With ‘TPUXtract,’ Attackers Can Steal Orgs’ AI Models
A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network —…
Germany blocks BadBox malware loaded on 30,000 Android devices
Germany's Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices…
New IOCONTROL malware used in critical infrastructure attacks
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used…