Nation-State US Gov Agency Urges Employees to Limit Phone Use After China ‘Salt Typhoon’ Hack The US government's CFPB sent an email with a simple directive: “Do NOT conduct CFPB work using mobile voice calls or text messages.” SecurityWeek NewsNovember 8, 2024
Network Security HPE Patches Critical Vulnerabilities in Aruba Access Points HPE this week warned of two critical vulnerabilities in Aruba Networking access points that could lead to unauthenticated command injection. Ionut ArghireNovember 8, 2024
Nation-State NCSC Details ‘Pygmy Goat’ Backdoor Planted on Hacked Sophos Firewall Devices A stealthy network backdoor found on hacked Sophos XG firewall devices is programmed to work on a broader range of Linux-based devices. Ryan NaraineNovember 1, 2024
Artificial Intelligence WhiteRabbitNeo: High-Powered Potential of Uncensored AI Pentesting for Attackers and Defenders Version 2.5 of WhiteRabbitNeo is designed to think like a seasoned red team expert, capable of identifying and exploiting vulnerabilities with remarkable speed and... Kevin TownsendOctober 30, 2024
Network Security Cisco Patches Vulnerability Exploited in Large-Scale Brute-Force Campaign Cisco has released patches for multiple vulnerabilities in ASA, FMC, and FTD products, including an exploited flaw. Ionut ArghireOctober 24, 2024
Malware & Threats Fortinet Confirms Zero-Day Exploit Targeting FortiManager Systems Fortinet confirms zero-day exploits hitting critical (CVSS severity score 9.8/10) remote code execution bug in the FortiManager platform. Ryan NaraineOctober 23, 2024