Antivirus updates exploited for GuptiMiner malware deployment
Intrusions hijacking the eScan antivirus software's updating mechanism have been conducted by threat actors suspected to be linked to North Korean advanced persistent threat operation Kimsuky to facilitate the delivery of the sophisticated GuptiMiner...
South Korean defense firms subjected to North Korean APT attacks
North Korean state-sponsored advanced persistent threat operations Lazarus Group, Kimsuky, and Andariel were noted by South Korea's National Police Agency to have targeted several South Korean defense industry entities since late 2022 in a bid to...
Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs
An exploit for the vulnerability allows unauthenticated attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.
Today, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances (ASA) devices and Cisco Firepower Threat Defense (FTD) software. A cyber threat actor could exploit vulnerabilities ( CVE-2024-20353, CVE...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20353 Cisco ASA and FTD Denial of Service Vulnerability CVE-2024-20359 Cisco ASA and FTD Privilege Escalation...
API Rug Pull - The NIST NVD Database and API (Part 4 of 3), (Wed, Apr 24th)
A while back I got an email from Perry, one of our readers who was having a problem using my cvescan script, which I covered in a 3 part story back in 2021: