brute-force
Faraway Russian hackers breached US organization via Wi-Fi
Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems …
Exploited: Cisco, SharePoint, Chrome vulnerabilities
Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s …
Hackers breaching construction firms via specialized accounting software
Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. …
PostgreSQL databases under attack
Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a …
Microsoft: Russian hackers accessed internal systems, code repositories
Midnight Blizzard (aka APT29), a group of Russian hackers tied to the country’s Foreign Intelligence Service (SVR), has leveraged information stolen from Microsoft …
Hackers are targeting exposed MS SQL servers with Mimic ransomware
Hackers are brute-forcing exposed MS SQL database servers to deliver Mimic ransomware, Securonix researchers are warning. About Mimic ransomware Mimic ransomware was first …
Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)
A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access …
Cybercriminals target MS SQL servers to deliver ransomware
A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign The attackers target …
Cisco VPNs with no MFA enabled hit by ransomware groups
Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. …
LinkedIn users targeted in account hijacking campaign
LinkedIn users are being targeted in an ongoing account hijacking campaign, getting locked out of their accounts; the hacked accounts are held for ransom. Users discussing …
Top passwords used in RDP brute-force attacks
Specops Software released a research analyzing the top passwords used in live attacks against Remote Desktop Protocol (RDP) ports. This analysis coincides with the latest …
Sharp rise in SMB cyberattacks by Russia and China
SaaS Alerts unveiled the findings of its latest report which analyzed approximately 136 million SaaS security events across 2,100 small and medium businesses (SMBs) globally …
Featured news
Resources
Don't miss
- CISA: Use Signal or other secure communications app
- Another NetWalker affiliate sentenced to 20 years in prison
- Why cybersecurity is critical to energy modernization
- Cryptocurrency hackers stole $2.2 billion from platforms in 2024
- CISA orders federal agencies to secure their Microsoft cloud environments