Skip to content
network security Page 100

network security

Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks

Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks

Apr 17, 2024NewsroomRansomware / Cyber Espionage A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from… 

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Apr 17, 2024NewsroomEncryption / Vulnerability Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the… 

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Apr 17, 2024NewsroomVulnerability / Web Application Firewall Cybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity… 

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

Apr 17, 2024NewsroomIoT Security / Network Security Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at… 

OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

Apr 16, 2024NewsroomSupply Chain / Software Security Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ… 

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs

Apr 16, 2024NewsroomCloud Security / DevSecOps New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant risks to…