Fortinet warns that Chinese and other APTs are exploiting CVE-2022-42475 and CVE-2023-27997 in attacks.
The post Fortinet: APTs Exploiting FortiOS Vulnerabilities in Critical Infrastructure Attacks appeared first on SecurityWeek.
CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption
New CISA alert includes technical mitigations to harden attack surfaces and instructions to hunt for the Chinese government-backed hackers.
The post CISA: China’s Volt Typhoon Hackers Planning Critical Infrastructure Disruption appeared first on SecurityWeek.
In Other News: Palo Alto Loses Patent Lawsuit, Identity Firms Get Funding, Government Hackers
Noteworthy stories that might have slipped under the radar: Palo Alto Networks ordered to pay $150 million in patent lawsuit, identity solutions firms get big funding, government hacker techniques.
The post In Other News: Palo Alto Loses Patent Lawsuit, Identity Firms Get Funding, Government Hackers appeared first on SecurityWeek.
US Slaps Sanctions on ‘Dangerous’ Iranian Hackers Linked to Water Utility Hacks
The US government slaps sanctions against six Iranian government officials linked to cyberattacks against Israeli PLC vendor Unitronics.
The post US Slaps Sanctions on ‘Dangerous’ Iranian Hackers Linked to Water Utility Hacks appeared first on SecurityWeek.
Cloudflare Hacked by Suspected State-Sponsored Threat Actor
A nation-state threat actor accessed internal Cloudflare systems using credentials stolen during the Okta hack.
The post Cloudflare Hacked by Suspected State-Sponsored Threat Actor appeared first on SecurityWeek.
Watch: Top Cyber Officials Testify on China’s Cyber Threat to US Critical Infrastructure
Video: Top US cyber officials testify on China’s cyber threat to U.S. national security and critical infrastrcuture.
The post Watch: Top Cyber Officials Testify on China’s Cyber Threat to US Critical Infrastructure appeared first on SecurityWeek.
US Gov Disrupts SOHO Router Botnet Used by Chinese APT Volt Typhoon
The US government neutralizes a botnet full of end-of-life Cisco and Netgear routers being by a notorious Chinese APT group.
The post US Gov Disrupts SOHO Router Botnet Used by Chinese APT Volt Typhoon appeared first on SecurityWeek.
Ivanti Struggling to Hit Zero-Day Patch Release Schedule
Ivanti is struggling to hit its own timeline for the delivery of patches for critical — and already exploited — flaws in its flagship VPN appliances.
The post Ivanti Struggling to Hit Zero-Day Patch Release Schedule appeared first on SecurityWeek.
Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware
The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan.
The post Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware appeared first on SecurityWeek.
HPE Says Russian Government Hackers Had Access to Emails for 6 Months
HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months.
The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on SecurityWeek.
