Collaborate Disseminate
Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could terminate the ClamAV scanning process on endpoints ru… Continue reading Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version t… Continue reading SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers advice on how organizations can protect themselves against hybrid atta… Continue reading Defense strategies to counter escalating hybrid attacks
Researchers have uncovered two Mirai-based botnets harnessing Internet of Things (IoT) devices to DDoS target organizations around the world. The Murdoc botnet Qualys researchers have laid bare the “Murdoc” botnet, consisting of some 1,300 … Continue reading Mirai botnet behind the largest DDoS attack to date
Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too many vulnerable devices are still accessible from the Internet and open to a… Continue reading 48,000+ internet-facing Fortinet firewalls still open to attack
The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to organizations, and they seem to be ramping up their efforts. “Sophos MDR has obser… Continue reading Ransomware attackers are “vishing” organizations via Microsoft Teams
Attackers are impersonating the Computer Emergency Response Team of Ukraine (CERT-UA) via AnyDesk to gain access to target computers. The request (Source: CERT-UA) “Unidentified individuals are sending connection requests via AnyDesk under the pr… Continue reading CERT-UA warns against “security audit” requests via AnyDesk
Star Blizzard, a threat actor tied to the Russian Federal Security Service (FSB), was spotted attempting to compromise targets’ WhatsApp accounts through a clever phishing campaign. The campaign The campaign started with a spear-phishing email th… Continue reading How Russian hackers went after NGOs’ WhatsApp accounts
If you’re an organization using SimpleHelp for your remote IT support/access needs, you should update or patch your server installation without delay, to fix security vulnerabilities that may be exploited by remote attackers to execute code on th… Continue reading Critical SimpleHelp vulnerabilities fixed, update your server instances!
A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publicized on an underground forum by the threat actor that… Continue reading Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?