FreshRSS

🔒
☐ ☆ ✇ The Hacker News

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

By Newsroom — November 30th 2023 at 11:16
A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. "This campaign marks the first documented instance [...] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access,"
☐ ☆ ✇ The Hacker News

CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities

By THN — September 8th 2023 at 05:36
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. “Nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized
☐ ☆ ✇ The Hacker News

Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware

By THN — August 24th 2023 at 15:16
The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called such as QuiteRAT. Targets include internet backbone infrastructure and healthcare entities in Europe and the U.S., cybersecurity company Cisco Talos said in a two-part analysis 
☐ ☆ ✇ The Hacker News

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

By Ravie Lakshmanan — May 25th 2023 at 10:40
The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk ransomware families to strike Windows and Linux systems. "While the group doesn't develop its own ransomware, it does utilize what appears to be one custom-developed tool, an information stealer designed to search for and archive specified file types," Symantec said in a
☐ ☆ ✇ The Hacker News

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

By Ravie Lakshmanan — September 23rd 2022 at 10:21
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a recently disclosed security flaw in Zoho ManageEngine to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. "Zoho ManageEngine PAM360, Password Manager Pro, and Access Manager Plus contain an unspecified vulnerability which allows for remote code execution," the agency
❌