Security researchers warn of ongoing exploitation of a critical vulnerability in SonicWall’s SonicOS. Key Findings: Ongoing Exploitation and Threat Landscape SonicWall initially patched CVE-2024-53704 after researchers from Computest Security disclosed the flaw. At the time of the patch release, the company stated it had no evidence of active exploitation. However, subsequent findings suggest otherwise. Researchers […]
Blog Grid
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert warning of recent ransomware activity by the group known as Ghost, also referred to as Cring. According to the advisory released on Wednesday, the group has been actively exploiting vulnerabilities in software and firmware as recently as January. Operating from China, […]
Digital payments leader PayPal has agreed to pay a $2 million fine following a cybersecurity incident in December 2022 that exposed thousands of Social Security numbers, according to New York state regulators. The penalty resolves violations of New York’s financial cybersecurity regulations, which require companies like PayPal to employ qualified personnel to manage critical cybersecurity […]
A team of researchers has uncovered over 100 security vulnerabilities affecting LTE and 5G network implementations, which could potentially be exploited to disrupt services or gain unauthorized access to cellular core networks. The study identified 119 vulnerabilities, with 97 assigned unique CVE identifiers, spanning seven LTE implementations—Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC, and srsRAN—and three […]
State-linked hackers were implicated in a series of cyberattacks in December, resulting in the theft of unclassified data from the U.S. Treasury Department, among other incidents. BeyondTrust confirmed that 17 customers were affected by the attack, which involved the compromise of a Remote Support SaaS API key. The attack, attributed to a state-linked threat actor, […]
Conduent, a New Jersey-based contractor that provides technology solutions for social service agencies and transit systems across the U.S., has confirmed that it was the target of a cyberattack. The incident disrupted operations and caused delays in child support payment processing in multiple states, including Wisconsin. The attack first came to light when Wisconsin officials […]