attackers
-
Blog
ASUS Armoury Crate bug lets attackers get Windows admin privileges
A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines. The security issue is tracked as CVE-2025-3464 and received a severity score of 8.8 out of 10. It could be exploited to bypass authorization and affects the AsIO3.sys of the Armoury Crate system management software. Armoury Crate is the official system…
-
Blog
FIN6 attackers target recruiters with fraudulent resumes
The FIN6 hacking group, also known as Skeleton Spider, has been spotted impersonating job seekers to target recruiters with malware. Contacting recruiters and HR departments on sites such as LinkedIn or Indeed, the group is submitting convincing-looking job resumes containing phishing links. These links lead to the applicant’s ‘personal website’, said to contain their resume. The links are given in…
-
Blog
New Secure Boot flaw lets attackers install bootkit malware, patch now
Security researchers have disclosed a new Secure Boot bypass tracked as CVE-2025-3052 that can be used to turn off security on PCs and servers and install bootkit malware. The flaw affects nearly every system that trusts Microsoft’s “UEFI CA 2011” certificate, which is pretty much all hardware that supports Secure Boot. Binarly researcher Alex Matrosov discovered the CVE-2025-3052 flaw after finding…
-
Blog
Cisco fixes max severity IOS XE flaw letting attackers hijack devices
Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers caused by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. This token is meant to authenticate requests to a feature called ‘Out-of-Band AP Image Download.’ Since it’s hard-coded, anyone can impersonate an authorized user without credentials. The vulnerability is…
-
Blog
DDoS attackers are pouncing on unpatched vulnerabilities
IoT manufacturers are failing to help prevent DDoS attacks by fixing known vulnerabilities, allowing criminals to launch years-long campaigns. Unpatched or poorly secured devices, purpose-built to keep costs down, allowed attackers to launch over 27,000 botnet-driven DDoS attacks during March alone. New figures from NetScout reveal that service providers were hit with an average of one attack every two minutes.…
-
Blog
RSAC Conference day two: A focus on what attackers are doing
A major focus of the second day of the RSAC Conference was sharing intelligence on what attackers are actually doing with emerging capabilities like AI, as well as quantum computing. In separate keynote sessions Tuesday, senior executives from Google offered different perspectives about what threat actors, including nation-states, are doing with artificial intelligence tools. Sandra Joyce, vice president of Google…
-
Blog
Forget MFA fatigue, attackers are exploiting ‘click tolerance’ to trick users into infecting themselves with malware
Threat actors are exploiting users’ familiarity with verification tests to trick them into loading malware onto their systems, new research has warned. A report from HP Wolf Security highlighted multiple threat campaigns where hackers took advantage of the fact users are forced to jump through a growing number of hoops to prove they are a legitimate user. The report describes…
-
Blog
Cisco IOS XR vulnerability lets attackers crash BGP on routers
Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. IOS XR runs on the company’s carrier-grade, Network Convergence System (NCS), and Carrier Routing System (CRS) series of routers, such as the ASR 9000, NCS 5500, and 8000 series. This high-severity flaw (tracked as CVE-2025-20115) was found…
-
Blog
Malware-free attacks surged in 2024 as attackers drop malicious software for legitimate tools
Cyber attacks leveraging trusted services to conduct malicious activities are becoming the norm, according to new research, as malware takes a backseat among hackers. CrowdStrike’s 2025 global threat report found a shift towards malware-free attack techniques was one of the defining trends shaping the threat landscape in the past five years. The report stated that 79% of CrowdStrike’s threat detections…
-
Blog
Cyber attackers give the city of Bourne, MA one week to pay ransom
Ransomware gang RansomHub today claimed responsibility for a January 2025 cyber attack on the town of Bourne, Massachusetts. RansomHub gave Bourne officials one week to pay an undisclosed amount in ransom, or else it will auction off 100 GB of allegedly stolen data. Bourne officials have not confirmed RansomHub’s claim, but the town and local police did announce that Bourne…