The U.S. government is warning of a new exploit against multiple flaws in cloud applications. The Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are chaining a number of CVE-listed vulnerabilities into a single exploit script. The flaws in question are present in Ivanti appliances version 4.6 and earlier. The threat actors use the … Read more
Jan 21, 2025Ravie LakshmananBotnet / Vulnerability Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet. The ongoing activity “demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks,” Qualys … Read more
Normally, Secure Boot prevents the UEFI from running all subsequent files unless they bear a digital signature certifying those files are trusted by the device maker. The exploit bypasses this protection by injecting shell code stashed in a malicious bitmap image displayed by the UEFI during the boot-up process. The injected code installs a cryptographic key … Read more
Cloud services have become a critical enabler for modern businesses, offering scalable, secure storage and processing capabilities. However, these same services are increasingly being exploited by ransomware groups as tools for both compromising systems and exfiltrating sensitive data. Ransomware exploits cloud services A recent report from SentinelLabs, The State of Cloud Ransomware in 2024, highlights … Read more
Nov 06, 2024Ravie LakshmananSaaS Security / Threat Detection An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. “Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick Assist, and OneDrive — the attacker exploited the trusted … Read more