attacks
SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks
SonicWall is warning about a pre-authentication deserialization vulnerability in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), with reports that it has been exploited as a zero-day in attacks. The flaw, tracked as CVE-2025-23006 and rated critical (CVSS v3 score: 9.8), could allow remote unauthenticated attackers to execute arbitrary OS commands under specific conditions. The vulnerability affects all…
Global cyber attacks jumped 44% last year
The number of cyber attacks worldwide rose by 44% last year, fueled by evolving nation-state attacks and the increasing prevalence of generative AI. In its annual report, Check Point Software said nation-states are changing their strategy, shifting from acute attacks to chronic campaigns aimed at eroding trust and destabilizing systems. AI-powered disinformation and influence campaigns targeted a third of global…
Microsoft’s January 2025 Security Update Patches Exploited Elevation of Privilege Attacks
Microsoft’s latest batch of security patches includes an expanded blacklist for certain Windows Kernel Vulnerable Drivers and fixes for several elevation of privilege vulnerabilities. The January 2025 Security Update addressed 159 vulnerabilities. Security patches should be applied to keep software up-to-date. However, early versions of patches may be unreliable and should be approached cautiously and deployed in test environments first.…
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. The W3 Total Cache plugin uses multiple caching techniques to optimize a website’s speed, reduce load times, and generally improve its SEO ranking. The flaw is tracked as CVE-2024-12365 despite the developer releasing…
WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites
A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. Researchers at webscript security company c/side discovered during an incident response engagement for one of their clients that the malicious activity uses the wp3[.]xyz domain to exfiltrate data but have yet to determine the initial infection vector. After compromising a…
Hackers use FastHTTP in new high-speed Microsoft 365 password attacks
Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. The campaign was recently discovered by incident response firm SpearTip, which said the attacks began on January 6, 2024, targeting the Azure Active Directory Graph API. The researchers warn that the brute-force attacks have led to successful account takeovers 10% of the time.…
CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the Binding Operational Directive (BOD) 22-01, after being added to CISA’s Known Exploited Vulnerabilities catalog, U.S. federal agencies must secure their networks against ongoing attacks targeting the flaw within three weeks by February 3.…
2024 was a record year for commercial cyber attacks
2024 was the worst year ever for commercial cyber attacks in the UK, new research suggests, with remote IoT devices attracting the most attacks. During 2024, UK firms each experienced an average of more than 753,341 malicious attempts to breach their online and IT systems, according to analysis by specialist business ISP Beaming. That was 4% higher than in 2023 –…
UK cyber experts on red alert after Salt Typhoon attacks on US telcos
Cyber experts have warned that UK telecommunications firms and the wider industry must be ready for a barrage of cyber attacks as the Salt Typhoon hacker group claims yet more victims in the US. Three further companies based in the US, Charter Communications, Consolidated Communications, and Windstream, have been added to the list of telecoms organizations compromised by the Chinese state-affiliated…
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that hackers exploited a Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 in zero-day attacks to install malware on appliances. The company says it became aware of the vulnerabilities after the Ivanti Integrity Checker Tool (ICT) detected malicious activity on customers’ appliances. Ivanti launched an investigation and confirmed that threat actors were actively exploiting CVE-2025-0282 as a zero-day.…