Calenderweek 03

TeamViewer Exploited by Cybercriminals for Ransomware Attacks

Cybercriminals appear to be currently exploiting the widely used remote access software TeamViewer to gain unauthorized access to remote computer systems and encrypt them with ransomware. This was reported by Bleeping Computer, citing a blog post from Huntress, detailing two specific attack incidents. In both cases, initial access was made through TeamViewer from the same …

TeamViewer Exploited by Cybercriminals for Ransomware Attacks Read More »

Juniper Networks Releases Critical Updates to Patch Remote Code Execution Vulnerabilities in SRX Firewalls and EX Switches

Juniper Networks has issued updates to address a critical remote code execution (RCE) vulnerability found in its SRX Series firewalls and EX Series switches. Rated 9.8 on the CVSS scoring system and tracked as CVE-2024-21591, this vulnerability could allow an unauthenticated, network-based attacker to execute remote code or cause a Denial-of-Service (DoS) situation, potentially gaining …

Juniper Networks Releases Critical Updates to Patch Remote Code Execution Vulnerabilities in SRX Firewalls and EX Switches Read More »

NetScaler’s ADC and Gateway Products: New Vulnerabilities Uncovered and Patched

Just when you thought you had recovered from Bleed, two vulnerabilities in NetScaler’s ADC and Gateway products have been rectified, though not before malicious actors discovered and exploited them, according to the vendor. CVE-2023-6548 could potentially enable remote code execution (RCE) within the appliances’ management interface. Despite its low 5.5 CVSS rating for an RCE …

NetScaler’s ADC and Gateway Products: New Vulnerabilities Uncovered and Patched Read More »

GitHub Implements Key Rotation in Response to Security Vulnerability

GitHub has recently disclosed the rotation of certain keys as a precautionary measure in response to a security vulnerability that posed potential risks of unauthorized access to credentials within a production container. According to the Microsoft-owned subsidiary, the issue came to their attention on December 26, 2023. They promptly addressed the problem on the same …

GitHub Implements Key Rotation in Response to Security Vulnerability Read More »

Alert: AndroxGh0st Malware Sparks Cloud-Based Botnet Threat, Warns CISA and FBI

CISA and the FBI have issued a warning regarding the deployment of the AndroxGh0st malware by threat actors, who are building a botnet for the purpose of identifying and exploiting victims within target networks. Initially observed by Lacework in December 2022, AndroxGh0st, a Python-based malware, has spawned similar tools such as AlienFox, GreenBot (also known …

Alert: AndroxGh0st Malware Sparks Cloud-Based Botnet Threat, Warns CISA and FBI Read More »

Scroll to Top