Internet Security

Microsoft Patch Tuesday updates for January 2025 fixed three actively exploited flaws

January 15, 2025 add comment
Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities, including three actively exploited issues. Microsoft Patch Tuesday security updates for January 2025 addressed 161 vulnerabilities in Windows... Read more »

U.S. CISA adds Fortinet FortiOS to its Known Exploited Vulnerabilities catalog

January 15, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiOS authorization... Read more »

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

January 15, 2025 add comment
The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS... Read more »

CVE-2024-44243 macOS flaw allows persistent malware installation

January 15, 2025 add comment
Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched... Read more »

FBI deleted China-linked PlugX malware from over 4,200 US computers

January 14, 2025 add comment
The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along... Read more »

Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware

January 14, 2025 add comment
Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actors UAC-0063 is targeting Kazakhstan as part of a cyber espionage campaign... Read more »

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

January 14, 2025 add comment
Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with management interfaces exposed online. Arctic Wolf researchers observed a campaign targeting Fortinet FortiGate firewalls... Read more »

Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency miners

January 14, 2025 add comment
A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. A security researcher Jakub Korepta discovered a critical vulnerability, tracked as... Read more »

U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

January 13, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

Inexperienced actors developed the FunkSec ransomware using AI tools

January 13, 2025 add comment
FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was developed using AI tools. The FunkSec ransomware-as-a-service (RaaS) group has been active since late... Read more »
Subscribe to our Newsletter