For providers

Actions direct agencies to deploy specific security configurations to reduce cyber-risk.

Attacks involved the addition of a BeMob URL to the ad management system of the Monetag website monetization platform, also known as Omnatuor or Vane Viper, in an effort to enable TDS redirection to fake CAPTCHA pages hosted on various legitimate services, according to a Guardio Labs report.

More than 300 SMTP servers have been leveraged by yet-to-be-identified threat actors to facilitate the automated distribution of phishing emails purporting to be business proposals, contracts, or promotional materials from widely known brands, according to an analysis from CloudSEK.

Threat actors commenced scanning vulnerable online webcams and DVRs in the U.S., Canada, Australia, New Zealand, and the UK impacted by the CVE-2017-7921, CVE-2018-9995, CVE-2020-25078, CVE-2021-33044, and CVE-2021-36260 flaws, as well as default passwords, which were later compromised through the open-source authentication brute-force tool Medusa.

Intrusions were initially conducted by the Monstrous Mantis operation, which exfiltrated DrayTek device credentials later shared with its partners Ruthless Mantis, also known as PTI-288, and LARVA-15, also known as Wazawaka, according to an analysis from Forescout.

Three vulnerabilities in the service's Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware.

Cisco’s new Wi-Fi 7 solution delivers unmatched connectivity, robust security, and AI-native assurance—setting a new standard for the modern workplace.

Program designed to validate and sharpen cybersecurity skills for working professionals.