In a recent development, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over an actively exploited high-severity flaw in the Service Location Protocol (SLP). Designated as CVE-2023-29552, the vulnerability poses a significant threat, allowing attackers to execute denial-of-service (DoS) attacks with a substantial amplification factor. This revelation follows the disclosure of the… Continue reading SLP DDoS Amplification Vulnerability Actively Exploited
Tag: CISA
MITRE Compiled a List of the 25 Most Dangerous Bugs
MITRE specialists have published a list of the 25 most dangerous bugs in software over the past two years. It included a variety of shortcomings, including vulnerabilities and errors in the code, architecture, implementation and design of the software. Love lists of some hacker stuff or cyber threats? Check out this: Huge Ransomware List by… Continue reading MITRE Compiled a List of the 25 Most Dangerous Bugs
US Authorities Warn of Disaster-Related Scams
Following natural disasters and severe weather, there is a higher chance of fraudulent activities as scammers prey on vulnerable individuals or those who wish to donate to charity. Scammers use various methods, including phone calls, text messages, mail, emails, and door-to-door visits, to exploit affected areas after hurricanes and damaging storms. Therefore, CISA (Cybersecurity &… Continue reading US Authorities Warn of Disaster-Related Scams
FBI Says Cuba Ransomware ‘Made’ $60 Million by Attacking More Than 100 Organizations
The FBI and the U.S. Infrastructure and Cyber Security Agency (CISA) report that as of August 2022, Cuba ransomware operators have received more than $60 million in ransom from their victims (initially, the hackers requested more than $145 million in ransoms) and have attacked more than 100 organizations around the world. The new security bulletin… Continue reading FBI Says Cuba Ransomware ‘Made’ $60 Million by Attacking More Than 100 Organizations
MITRE experts have published a list of the 25 most dangerous problems of 2022
MITRE experts have published a list of the 25 most common and dangerous problems of 2022. Such bugs can potentially expose systems to attack, allow attackers to take control of vulnerable devices, access sensitive information, or cause a denial of service. By the way, we also love all sorts of lists and tops, for example:… Continue reading MITRE experts have published a list of the 25 most dangerous problems of 2022
Nation-State Threat Actors are an Actual Menace, According to CISA
On April 13, the US government (specifically, the Department of Energy, the Cybersecurity and Infrastructure Security Agency, the National Security Agency, and the Federal Bureau of Investigation) made a warning about nation-state threat actors using specialized malware to access industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices. Nation-State threat actors in… Continue reading Nation-State Threat Actors are an Actual Menace, According to CISA
US and UK accused China for attacks on Microsoft Exchange servers
The United States and a coalition of its allies, including the EU, Britain and NATO, have formally accused China and its authorities of a large-scale hacking campaign to break into Microsoft Exchange servers. Let me remind you that these attacks have been going on since the beginning of 2021 and are targeted tens of thousands… Continue reading US and UK accused China for attacks on Microsoft Exchange servers
Microsoft has released an update to remove Adobe Flash from Windows
As you know, very soon, on December 31, 2020, support for Adobe Flash Player will be completely discontinued, after which it will no longer be supported by all modern browsers. Now Microsoft has released an update to remove Adobe Flash from Windows. Let me remind you that work on a complete rejection of Flash Player… Continue reading Microsoft has released an update to remove Adobe Flash from Windows
CISA experts warned about the growth of LokiBot infostealer activity
Specialists from the Agency for Cybersecurity and Infrastructure Protection, organized by the US Department of Homeland Security (DHS CISA), warned about growth of activity of LokiBot infostealer aka Loki and Loki PWS; not to be confused with the Trojan of the same name for Android), which has been increasing since July this year. ZDNet journalists… Continue reading CISA experts warned about the growth of LokiBot infostealer activity
Chinese hackers attack US organizations and exploit bugs in F5, Citrix and Microsoft Exchange
The Department of Homeland Security (DHS CISA) Cybersecurity and Infrastructure Protection Agency (DHS CISA) has published security guidelines for the private sector and government agencies. CISA said that Chinese hackers associated with the Ministry of State Security of the Republic of China are attacking organizations in the United States and exploit bugs in F5, Citrix,… Continue reading Chinese hackers attack US organizations and exploit bugs in F5, Citrix and Microsoft Exchange