OpenSSH Security Update: Mitigating CVE-2023-38408
OpenSSH, a widely used implementation of the Secure Shell protocol (SSH), has released its latest version, OpenSSH 9.3p2. This update addresses a significant security bug, CVE-2023-38408, which…
Evidence-led cyber threat intelligence for defenders. Incident reports, actor profiles and vulnerability analysis — written for the people who have to act on it.
OpenSSH, a widely used implementation of the Secure Shell protocol (SSH), has released its latest version, OpenSSH 9.3p2. This update addresses a significant security bug, CVE-2023-38408, which…
In a recent series of campaigns identified by Proofpoint, university students have been targeted with fraudulent job offers purportedly related to bioscience and health entities. These campaigns,…
In the complex world of cyber threats, it's vital to stay updated on the latest tactics, techniques, and procedures (TTPs) employed by threat actors. Today, we explore a recent…
A critical vulnerability, tracked as CVE-2023-3519 (NVD), has been identified in Citrix ADC and Gateway products. This vulnerability is currently being exploited in the wild and the rate of…
Oracle has released its July 2023 Critical Patch Update (CPU), which includes a staggering 508 new security patches. This update is significant due to the sheer volume of patches and the critical…
A recent investigation by Trend Micro has uncovered a potential supply chain attack targeting the Pakistani government. The attack involves an MSI installer for the Pakistani government app…
Anonymous Sudan, a threat actor group that emerged in January 2023, has been making headlines with its global cyberattacks. The group has targeted a wide range of countries and sectors, including…
In a fascinating turn of events, a threat actor known by the online moniker 'La_Citrix' inadvertently exposed their real identity by infecting their own computer with an information stealer. This…
GCHQ, the UK's intelligence, security, and cyber agency, has just announced the release of CyberChef v10. This latest version of the "Cyber Swiss Army Knife" introduces a host of new features,…
In the ever-evolving landscape of cyber threats, the financially motivated cybercrime group known as FIN8 continues to make waves. Known for their sporadic yet impactful attacks, FIN8 has been…
"Welcome to New York: Exploring TA453's Foray into LNKs and Mac Malware" published by Proofpoint discusses the evolving tactics of TA453, also known as Charming Kitten, APT42, Mint Sandstorm, and…
Ashley Liles, a 28-year-old former IT security analyst from Letchworth Garden City in Hertfordshire, has been convicted of blackmail and unauthorized access to a computer with intent to commit…