breaking news – Page 27 – MCYSEKA-Maritime Cyber Security Knowledge Archive

U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: […]

May 2, 2025

0 comment

Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations

Pro-Russia hacktivist group NoName057(16) is targeting Dutch organizations with large-scale DDoS attacks, the country’s National Cyber Security Center (NCSC) warns. This week, several Dutch and European organizations faced large-scale DDoS attacks launched by Pro-Russia hacktivists, including the NoName057(16) group. Threat actors target organizations across public and private sectors. Russian hacktivist group NoName057(16) claimed some of […]

May 2, 2025

0 comment

FBI shared a list of phishing domains associated with the LabHost PhaaS platform

The FBI shared 42K phishing domains tied to LabHost, a PhaaS platform shut down in April 2024, to boost awareness and help identify compromises. The FBI shared a list of 42,000 domains registered from November 2021 to Apr 2024, linked to LabHost to raise awareness and aid in threat detection. The domain list helps prevent […]

May 1, 2025

0 comment

Canadian electric utility Nova Scotia Power and parent company Emera suffered a cyberattack

Canadian electric utility Nova Scotia Power and parent company Emera are facing a cyberattack that disrupted their IT systems and networks. Nova Scotia Power Inc. is a vertically integrated electric utility serving the province of Nova Scotia, Canada. Headquartered in Halifax, it is a subsidiary of Emera Inc. The company provides electricity to over 500,000 […]

May 1, 2025

0 comment

Two SonicWall SMA100 flaws actively exploited in the wild

SonicWall confirmed that threat actors actively exploited two vulnerabilities impacting its SMA100 Secure Mobile Access (SMA) appliances. SonicWall revealed that attackers actively exploited two security vulnerabilities, tracked as CVE-2023-44221 and CVE-2024-38475, in its SMA100 Secure Mobile Access appliances. Below are the descriptions of the two flaws: “During further analysis, SonicWall and trusted security partners identified an […]

May 1, 2025

0 comment

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. The financially-motivated group targeted organizations in the media, […]

May 1, 2025

0 comment

Russia-linked group Nebulous Mantis targets NATO-related defense organizations

PRODAFT researchers warn of Russia-linked APT group Nebulous Mantis targeting NATO-related defense organizations Nebulous Mantis, a Russian-speaking cyber espionage group (aka Cuba, STORM-0978, Tropical Scorpius, UNC2596), used RomCom RAT and Hancitor since 2019 to target critical infrastructure, governments, and NATO-linked entities. Since mid-2022, they’ve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. […]

April 30, 2025

0 comment

Indian Court ordered to block email service Proton Mail

Indian Court ordered a nationwide block of the privacy-oriented email service Proton Mail on April 29, 2025, following a legal complaint. Proton Mail is a Swiss-based email service offering end-to-end encryption to ensure that only the sender and recipient can read the messages. Founded in 2013 by scientists from CERN, it operates under Proton AG […]

April 30, 2025

0 comment

AirBorne flaws can lead to fully hijack Apple devices

Vulnerabilities in Apple’s AirPlay protocol and SDK exposed Apple and third-party devices to attacks, including remote code execution. Oligo Security found serious flaws, collectively tracked as AirBorne, in Apple’s AirPlay protocol and SDK, affecting Apple and third-party devices. Attackers can exploit the vulnerabilities to perform zero-/one-click RCE, bypass ACLs, read local files, steal data, and […]

April 30, 2025

0 comment

U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SAP NetWeaver flaw, tracked as CVE-2025-31324, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, researchers warned that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score of 10/10), in SAP NetWeaver is […]

April 30, 2025

0 comment

1 … 25 26 27 28 29 … 209