attackers
-
Blog
Forget MFA fatigue, attackers are exploiting ‘click tolerance’ to trick users into infecting themselves with malware
Threat actors are exploiting users’ familiarity with verification tests to trick them into loading malware onto their systems, new research has warned. A report from HP Wolf Security highlighted multiple threat campaigns where hackers took advantage of the fact users are forced to jump through a growing number of hoops to prove they are a legitimate user. The report describes…
Read More » -
Blog
Cisco IOS XR vulnerability lets attackers crash BGP on routers
Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. IOS XR runs on the company’s carrier-grade, Network Convergence System (NCS), and Carrier Routing System (CRS) series of routers, such as the ASR 9000, NCS 5500, and 8000 series. This high-severity flaw (tracked as CVE-2025-20115) was found…
Read More » -
Blog
Malware-free attacks surged in 2024 as attackers drop malicious software for legitimate tools
Cyber attacks leveraging trusted services to conduct malicious activities are becoming the norm, according to new research, as malware takes a backseat among hackers. CrowdStrike’s 2025 global threat report found a shift towards malware-free attack techniques was one of the defining trends shaping the threat landscape in the past five years. The report stated that 79% of CrowdStrike’s threat detections…
Read More » -
Blog
Cyber attackers give the city of Bourne, MA one week to pay ransom
Ransomware gang RansomHub today claimed responsibility for a January 2025 cyber attack on the town of Bourne, Massachusetts. RansomHub gave Bourne officials one week to pay an undisclosed amount in ransom, or else it will auction off 100 GB of allegedly stolen data. Bourne officials have not confirmed RansomHub’s claim, but the town and local police did announce that Bourne…
Read More » -
Blog
Microsoft says attackers use exposed ASP.NET keys to deploy malware
Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, some developers use ASP.NET validationKey and decryptionKey keys (designed to protect ViewState from tampering and information disclosure) found on code documentation and repository platforms in their own software. However, threat actors also use…
Read More » -
Blog
Cisco confirms attackers stole data, shuts down access to compromised DevHub environment
Cisco has closed public access to one of its third-party developer environments after threat actors successfully stole data from a public-facing DevHub environment. On 14 October, the prominent threat actor IntelBroker posted on BreachForums that they compromised data including source code, hard-coded credentials, certificates, API tokens, private and public keys, AWS private buckets, Docker builds, and Azure storage buckets as…
Read More » -
Blog
Critical SAP flaw allows remote attackers to bypass authentication
SAP has released its security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass that could allow remote attackers to fully compromise the system. The flaw, tracked as CVE-2024-41730 and rated 9.8 as per the CVSS v3.1 system, is a “missing authentication check” bug impacting SAP BusinessObjects Business Intelligence Platform versions 430 and 440 and is…
Read More »