Category: Uncategorized
-

Zero-Day Vulnerability Suspected in Attacks on Fortinet Firewalls with Exposed Interfaces [email protected] (The Hacker News)
Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. “The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes,” cybersecurity firmRead More
-

Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware [email protected] (The Hacker News)
Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin’s efforts to gather economic and political intelligence in Central Asia. The campaign has been assessed to be the work of an intrusion set dubbed UAC-0063, which likely shares overlap with APT28, a nation-state group affiliated with…
-

CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that couldRead…
-
Top 12 online cybersecurity courses for 2025
Post ContentRead More
-

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners [email protected] (The Hacker News)
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result inRead More
-
![⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] info@thehackernews.com (The Hacker News)](https://sekuritasit.com/wp-content/uploads/2025/01/recap-ImFSJC.png)
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] [email protected] (The Hacker News)
The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay…
-

Ransomware on ESXi: The mechanization of virtualized attacks [email protected] (The Hacker News)
In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according to Shodan), the operational and business impact of these attacks is profound. Most of the Ransomware strands that are attacking ESXi servers nowadays, are…
-

WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables [email protected] (The Hacker News)
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system (CMS). “This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive paymentRead More
-

Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems [email protected] (The Hacker News)
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain. Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain names that the backdoors had been designed to use…
-
Top 8 in-demand cybersecurity jobs for 2025 and beyond
Post ContentRead More
