Another zero-day vulnerability in SolarWinds Serv-U product exploited by cyber criminals
Similar Posts
Pakistani Man Involved in AT&T Hacking Scheme Sentenced to Prison in U.S.
Muhammad Fahd, a 35-year-old Pakistani national, has been sentenced to 12 years of prison in the United States for his role in a scheme that involved illegally unlocking AT&T phones and hacking into the telecoms giant’s systems. The scheme started in 2012, when Fahd and others recruited AT&T call center employees for help in unlocking…
Lawyer charged in probe of Trump-Russia investigation
The prosecutor tasked with examining the U.S. government’s investigation into Russian election interference charged a prominent cybersecurity lawyer on Thursday with making a false statement to the FBI. The case against the attorney, Michael Sussmann, is just the second prosecution brought by special counsel John Durham in two-and-a-half years of work. Yet neither case brought…
REvil Decryption Key Posted on Cybercrime Forum
Endpoint Security , Fraud Management & Cybercrime , Ransomware But the Key Appears to Only Unlock Files Encrypted in the Kaseya Attack Jeremy Kirk (jeremy_kirk) • August 11, 2021 Someone posted a link to this image that contains a decryption key for files encrypted in the Kaseya attack. There’s yet another twist in…
Critical F5 BIG-IP Flaw Now Under Active Attack
Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw (CVE-2021-22986) exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full control over a vulnerable system.
U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw
The U.S. Cyber Command on Friday warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments that could be abused by unauthenticated attackers to take control of a vulnerable system. “Mass exploitation of Atlassian Confluence CVE-2021-26084 is ongoing and expected to accelerate,” the Cyber National Mission…
New zero-click iPhone exploit used to deploy NSO spyware
Digital threat researchers at Citizen Lab have uncovered a new zero-click iMessage exploit used to deploy NSO Group’s Pegasus spyware on devices belonging to Bahraini activists. In total, nine Bahraini activists (including members of the Bahrain Center for Human Rights, Waad, Al Wefaq) had their iPhones hacked in a campaign partially orchestrated by a Pegasus operator linked with high confidence…