by | May 17, 2023 | Uncategorized
A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party remote management tools within compromised environments. Google-owned Mandiant attributed the activity to a threat group it...
by | May 17, 2023 | Uncategorized
Software is rarely a one-and-done proposition. In fact, any application available today will likely need to be updated – or patched – to fix bugs, address vulnerabilities, and update key features at multiple points in the future. With the typical enterprise relying on...
by | May 17, 2023 | Uncategorized
The second generation version of Belkin’s Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that could be weaponized by a threat actor to inject arbitrary commands remotely. The issue, assigned the identifier CVE-2023-27217, was...
by | May 17, 2023 | Uncategorized
Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in Pakistan and China. This comprises a network of 55 domains and IP addresses used by the threat...
by | May 17, 2023 | Uncategorized
A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against “thousands of victims” in the country and across the world. Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and...
