Internet Security

Juniper Networks fixed a critical flaw in Session Smart Routers

February 18, 2025 add comment
Juniper Networks has addressed a critical vulnerability, tracked as CVE-2025-21589, impacting the Session Smart Router. Juniper Networks addressed a critical authentication bypass vulnerability, tracked as CVE-2025-21589 (CVSS score of 9.8),... Read more »

China-linked APT group Winnti targets Japanese organizations since March 2024

February 18, 2025 add comment
China-linked threat actor Winnti targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024 as part of a campaign dubbed RevivalStone. Researchers from cybersecurity firm LAC uncovered... Read more »

Xerox VersaLink C7025 Multifunction printer flaws may expose Windows Active Directory credentials to attackers

February 18, 2025 add comment
Xerox VersaLink C7025 Multifunction printer flaws could allow attackers to capture authentication credentials via pass-back attacks via LDAP and SMB/FTP services. Rapid7 researchers discovered vulnerabilities in Xerox Versalink C7025... Read more »

New XCSSET macOS malware variant used in limited attacks

February 18, 2025 add comment
Microsoft discovered a new variant of the Apple macOS malware XCSSET that was employed in limited attacks in the wild. Microsoft Threat Intelligence discovered a new variant of the macOS malware... Read more »

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

February 17, 2025 add comment
Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions. On February 11, 2025, the US, UK, and Australia sanctioned a Russian bulletproof hosting services... Read more »

New Golang-based backdoor relies on Telegram for C2 communication

February 17, 2025 add comment
Netskope Threat Labs researchers discovered a Golang-based backdoor using Telegram for C2 communication, possibly of Russian origin. Netskope Threat Labs found a Golang-based backdoor using Telegram for C2. The... Read more »

Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites

February 17, 2025 add comment
Pro-Russia collective NoName057(16) launched DDoS attacks on Italian sites, targeting airports, the Transport Authority, major ports, and banks. The pro-Russia hacker group NoName057(16) launched a new wave of DDoS... Read more »

whoAMI attack could allow remote code execution within AWS account

February 17, 2025 add comment
Researchers warn that the whoAMI attack lets attackers publish an AMI with a specific name to execute code in an AWS account. Cybersecurity researchers at Datadog Security Labs devised... Read more »

Storm-2372 used the device code phishing technique since August 2024

February 16, 2025 add comment
Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. Microsoft Threat Intelligence researchers warn that threat actor... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33

February 16, 2025 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach... Read more »
Subscribe to our Newsletter