Cyber News & Articles

Cyber News & Articles

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches 

Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees.
The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0.
“Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their

read more
Cyber News & Articles

CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV List 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –

CVE-2024-57968 – An unrestricted file upload vulnerability in Advantive VeraCore

read more
Cyber News & Articles

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials 

Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on.
“The polymorphic extensions create a pixel perfect replica of the target’s icon, HTML popup, workflows and even temporarily disables the legitimate extension, making it extremely convincing for victims to believe that they are providing credentials to

read more
Cyber News & Articles

Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links 

The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024.
“The campaign, which leverages social media to distribute malware, is tied to the region’s current geopolitical climate,” Positive Technologies researchers Klimentiy Galkin and Stanislav Pyzhov said in an analysis published last week.

read more
Cyber News & Articles

Why The Modern Google Workspace Needs Unified Security 

The Need For Unified Security
Google Workspace is where teams collaborate, share ideas, and get work done. But while it makes work easier, it also creates new security challenges. Cybercriminals are constantly evolving, finding ways to exploit misconfigurations, steal sensitive data, and hijack user accounts. Many organizations try to secure their environment by piecing together different

read more
Cyber News & Articles

⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact 

Cyber threats today don’t just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds—ranging from nation-state espionage and ransomware to manipulated AI chatbots—the landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our

read more
Cyber News & Articles

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools 

A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services.
Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute malware

read more
Cyber News & Articles

Feds Link $150M Cyberheist to 2022 LastPass Hacks 

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had reached the same conclusion.

read more
Cyber News & Articles

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations 

Threat hunters have shed light on a “sophisticated and evolving malware toolkit” called Ragnar Loader that’s used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil).
“Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations,” Swiss

read more

NEW CUSTOMERS CALL TODAY: 720.221.6804  |  EXISTING CUSTOMERS REQUIRING SUPPORT: 303.617.6442

X