Cybersecurity

Category Added in a WPeMatico Campaign

Cybersecurity

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

Mar 08, 2024NewsroomNetwork Security / Vulnerability Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing […]

Cybersecurity

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client

Mar 08, 2024NewsroomNetwork Security / Vulnerability Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing […]

Cybersecurity

QEMU Emulator Exploited as Tunneling Tool to Breach Company Network

Mar 08, 2024NewsroomEndpoint Security / Network Security Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large company” to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to […]

Cybersecurity

QEMU Emulator Exploited as Tunneling Tool to Breach Company Network

Mar 08, 2024NewsroomEndpoint Security / Network Security Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large company” to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to […]

Cybersecurity

CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

Mar 08, 2024NewsroomVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows […]

Cybersecurity

CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

Mar 08, 2024NewsroomVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows […]

Cybersecurity

South St. Paul Public Schools investigating potential cybersecurity threat

South St. Paul Public Schools alerted families this week to an ongoing technology disruption that is being investigated. Staff and families were notified Monday of technical difficulties “that may disrupt certain services” like online platforms, emails and other digital services. On Tuesday the district said it had been made aware of “unauthorized activity within our […]

Cybersecurity

Ransomware Attackers Leak Sensitive Swiss Government Documents, Login

Sensitive Swiss federal government data, including classified documents and log in credentials, were leaked by the Play ransomware group following an attack on IT service provider Xplain in 2023. An investigation by Switzerland’s National Cyber Security Centre (NCSC) revealed that around 65,000 documents relating to the federal government were published by the attackers on the […]