Tag: Hardware
-
Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS
by
in SecurityNewsCisco has disclosed a significant vulnerability in itsAnyConnect VPN Serverfor Meraki MX and Z Series devices, allowing authenticated attackers to triggerdenial-of-service (DoS)conditions. The flaw (CVE-2025-20212) stems from an uninitialized variable during SSL VPN session establishment and affects over 20 hardware models across enterprise networks. Vulnerability Overview Exploiting this bug requires valid VPN credentials. Attackers can…
-
Microsoft’s AI tool catches critical GRUB2, U-boot bootloader flaws
by
in SecurityNews
Tags: access, ai, control, cybersecurity, exploit, firmware, flaw, Hardware, microsoft, mitigation, monitoring, risk, soc, supply-chain, tool, update, vulnerability, vulnerability-management, zero-dayAI-powered discovery changes the cybersecurity landscape: Microsoft’s Security Copilot tool significantly accelerated the vulnerability identification process, with a particular focus on filesystem implementations due to their high vulnerability potential.”Using Security Copilot, we were able to identify potential security issues in bootloader functionalities, focusing on filesystems due to their high vulnerability potential,” the blog stated. “This…
-
‘Inside the Mind of a Hacker” Report – Die Renaissance des Hardware-Hackings
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/bug-bounty-programme-crowdsourced-security-ethische-hacker-a-ade140db3b24ce6c9637dc1e0462b78c/
-
Altgeräte bedrohen Sicherheit in Unternehmen
by
in SecurityNews
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerabilitySchwachstellen in alten Netzwerkgeräten stellen ein erhebliches Sicherheitsrisiko für Unternehmen dar.Eine Analyse von Ciscos Threat-Intelligence-Team Talos zeigt, zwei der drei häufigsten Schwachstellen, auf die es Angreifer im Jahr 2024 abgesehen hatten, waren in alten Netzwerkgeräten zu finden. Das Problem ist, dass Hersteller dazu keine Patches mehr herausgeben.’Dies unterstreicht, wie wichtig es ist, veraltete Komponenten des…
-
Volume of attacks on network devices shows need to replace end of life devices quickly
by
in SecurityNews
Tags: access, apache, attack, authentication, best-practice, breach, cloud, control, credentials, cve, cyber, dns, endpoint, espionage, exploit, firewall, flaw, government, group, Hardware, infrastructure, injection, Internet, ivanti, lazarus, macOS, monitoring, network, north-korea, open-source, password, risk, router, russia, sans, service, software, threat, tool, update, vulnerabilityCVE-2023-1389, a vulnerability in TP-Link Archer AX21 router;CVE-2024-3400, a hole in Palo Alto Networks PAN-OS firewall operating system;CVE-2023-36845, a vulnerability in Juniper Networks Junos OS operating system;CVE-2021-44529, a vulnerability in Ivanti Endpoint Manager Cloud Service Appliance;CVE-2023-38035, a hole in Ivanti Sentry security gateway;CVE-2024-36401, a vulnerability in OSGeo GeoServer;CVE-2024-0012, a vulnerability in Palo Alto Neworks PAN-OS…
-
CISA spots spawn of Spawn malware targeting Ivanti flaw
Resurge an apt name for malware targeting hardware maker that has security bug after security bug First seen on theregister.com Jump to article: www.theregister.com/2025/04/01/cisa_ivanti_warning/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 39
by
in SecurityNews
Tags: android, detection, framework, Hardware, international, malware, marketplace, microsoft, ransomware, serviceSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Microsoft Trusted Signing service abused to code-sign malware Shedding light on the ABYSSWORKER driver VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI Raspberry Robin: Copy…
-
Evolving Raspberry Robin IAB operations uncovered
by
in SecurityNews
Tags: HardwareFirst seen on scworld.com Jump to article: www.scworld.com/brief/evolving-raspberry-robin-iab-operations-uncovered
-
Russia arrests three for allegedly creating Mamont malware, tied to over 300 cybercrimes
by
in SecurityNewsRussian authorities said they arrested three people and seized hardware in an operation against Mamont malware, which specializes in stealing money from Android device users. First seen on therecord.media Jump to article: therecord.media/mamont-banking-malware-arrests-russia
-
Raspberry Robin: From Copy Shop Worm to Russian GRU Cyber Tool
Raspberry Robin, also known as Roshtyak or Storm-0856, has evolved from a simple worm targeting copy shops to First seen on securityonline.info Jump to article: securityonline.info/raspberry-robin-from-copy-shop-worm-to-russian-gru-cyber-tool/
-
Raspberry Robin: From Copy Shop Worm to Russian GRU Cyber Tool
Raspberry Robin, also known as Roshtyak or Storm-0856, has evolved from a simple worm targeting copy shops to First seen on securityonline.info Jump to article: securityonline.info/raspberry-robin-from-copy-shop-worm-to-russian-gru-cyber-tool/
-
CoffeeLoader: A Brew of Stealthy Techniques
by
in SecurityNewsIntroductionZscaler ThreatLabz has identified a new sophisticated malware family that we named CoffeeLoader, which originated around September 2024. The purpose of the malware is to download and execute second-stage payloads while evading detection by endpoint-based security products. The malware uses numerous techniques to bypass security solutions, including a specialized packer that utilizes the GPU, call…
-
Public Accounts Committee calls out legacy IT
by
in SecurityNewsUnsupported and out-of-date software and hardware are hindering the government’s artificial intelligence plans for the public sector First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366621126/Public-Accounts-Committee-calls-out-legacy-IT
-
Raspberry Robin Unveils 200 Unique Domains Used by Threat Actors
by
in SecurityNewsIn a significant development, cybersecurity firm Silent Push has identified nearly 200 unique command and control (C2) domains associated with the Raspberry Robin malware. This discovery sheds new light on the infrastructure used by this sophisticated threat actor group, which has evolved from a USB worm to a formidable initial access broker (IAB) for various…
-
Getting the Most Value Out of the OSCP: The PEN-200 Labs
by
in SecurityNews
Tags: access, ai, attack, compliance, container, cyber, cybersecurity, dns, docker, exploit, firewall, guide, hacking, Hardware, infrastructure, intelligence, jobs, kubernetes, microsoft, mitigation, network, open-source, oracle, penetration-testing, powershell, risk, security-incident, service, siem, skills, technology, tool, training, vmware, vulnerability, windowsHow to leverage the PEN-200 simulated black-box penetration testing scenarios for maximal self-improvement and career success. Disclaimer: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been sponsored or incentivized in any way to recommend or oppose any…
-
Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker
A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin.”Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia,” Silent Push said in a…
-
Meet the Low-Key Access Broker Supercharging Russian State Cybercrime
by
in SecurityNewsRaspberry Robin breaks into organizations and sells access to Russian threat actors, including the military cyber unit behind attempted coups, assassinations, and influence operations throughout Europe. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/access-broker-russian-state-cybercrime
-
Quantenschlüssel aus der Sicht des CISO
by
in SecurityNewsQuantum Key Distribution (QKD) dient dazu, Verschlüsselungsschlüssel sicher zwischen zwei Parteien zu verteilen.Der sogenannte Q-Day, an welchem Quantencomputer leistungsstark genug sind aktuelle Standardmethoden der Verschlüsselung zu knacken, rückt näher. Eine der Lösungen, welche zum Schutz vor dieser Quantenbedrohung entwickelt wurde, ist die sogenannte Quantum Key Distribution (QKD). Das Potenzial von QKD ist immens, ihr aktueller…
-
Rufus ermöglicht Windows-11-24H2-Update auf alter Hardware – In-Place-Upgrade zu 24H2 bei inkompatibler Hardware
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/in-place-upgrade-zu-24h2-bei-inkompatibler-hardware-a-c9dcb3a26d6b2f4d75b4f57e4d16fb62/