Category: Uncategorized
-
Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression Kevin Townsend
Kapeka is a new backdoor that may be a new addition to Russia-link Sandworm’s malware arsenal and possibly a successor to GreyEnergy. The post Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression appeared first on SecurityWeek. Read More
-
Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology Kevin Townsend
YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology. The post Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology appeared first on SecurityWeek. Read More
-
Armis Acquires Silk Security for $150 Million Eduard Kovacs
Armis has acquired cyber risk prioritization and remediation company Silk Security for $150 million. The post Armis Acquires Silk Security for $150 Million appeared first on SecurityWeek. Read More
-

Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks [email protected] (The Hacker News)
A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent threat (APT) group tracked as Sandworm (aka APT44 orRead More
-
Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks Ionut Arghire
Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services. The post Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks appeared first on SecurityWeek. Read More
-
Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product Ionut Arghire
Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution. The post Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product appeared first on SecurityWeek. Read More
-
Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities Ionut Arghire
Chrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs. The post Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. Read More
-
Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 Eduard Kovacs
Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44. The post Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 appeared first on SecurityWeek. Read More
-

GenAI: A New Headache for SaaS Security Teams [email protected] (The Hacker News)
The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers…
-

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware [email protected] (The Hacker News)
Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account. Armed with this access, aRead More
