Cybersecurity
Industrial software vuln actively exploited says CISA – but little evidence of real-world attacks
Attacks against ICS and OT systems are an increasingly real concern though.
Read This
Mitel 0day being used as access point for ransomware
Crowdstrike-discovered vuln added to CISA's Known Exploited Vulnerabilities list.
Cybersecurity
This is how Chinese hackers are breaching telcos worldwide, say US authorities
SOHO devices and unpatched enterprise switches are the way in.
Cybersecurity
Zyxel, VMware, F5 vulnerabilities under attack: Updated CISA database
Don't put that stuff on the public internet, kids.
Read This
The 10 most-exploited vulnerabilities of 2021: Not patched? Likely pwned...
Attackers continue to accelerate their weaponisation of newly-discovered flaws, the Five Eyes list of most-exploited vulnerabilities of 2021 shows. Contrary to some reports suggesting fears of mass-exploitation had been over-indexed, the flaw in Log4j joined the most widely-exploited vulnerabilities last year, despite only being discovered at the year's
Cybersecurity
Previously undocumented rootkit being deployed by Chinese APT
Daxin malware has some really clever C2 techniques to exfiltrate intelligence
Cybersecurity
US Agencies given two weeks to patch 100+ exploited vulns -- but who's forcing compliance?
It took TWO YEARS for all agencies to meet an earlier 45 day deadline