Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices.
This includes custom web shells such as BUSHWALK, CHAINLINE, FRAMESTING, and a variant of LIGHTWIRE.
Share this article on social media:
Stay on top of cybersecurity risks, evolving threats and industry news.
Palo Alto Networks has disclosed a critical security vulnerability (CVE-2024-3393) affecting their PAN-OS software that allows attackers to trigger denial-of-service conditions through DNS Security features. The actively exploited flaw carries
Microsoft is warning developers to update their .NET-related applications and pipelines as two critical domains, “dotnetcli.azureedge.net” and “dotnetbuilds.azureedge.net,” will soon be discontinued due to CDN provider Edgio’s bankruptcy. The domains
CISA has confirmed that the U.S. Treasury Department was the sole federal agency affected by the recent BeyondTrust Remote Support compromise. The incident, which occurred in early December 2024, involved
* Aucun fournisseur de courriel personnel permis (e.g: gmail.com, hotmail.com, etc.)
