Mint Sandstorm- Iran Nation State Actor

Mint Sandstorm- Iran Nation State Actor

A new advisory from Microsoft states that a threat actor associated with Iranian nation-state hackers has been weaponizing N-day vulnerabilities and incorporating new techniques to access environments of interest. The…
Lacework Risk Management Offering

Lacework Risk Management Offering

Lacework has added a new vulnerability risk management capability to its cloud-native application protection. The new offering will combine active package detection, attack path analysis, and in-house data on active…
Google Fixes Second Chrome Zeroday of 2023

Google Fixes Second Chrome Zeroday of 2023

Google has patched another zero-day vulnerability found in Chrome. The vulnerability tracked as CVE-2023-2136, the security defect is described as a high-severity integer overflow issue in Skia. This bug is…
Russian APT 28 Havoc on Cisco Routers

Russian APT 28 Havoc on Cisco Routers

National security agencies from  U.S. and U.K. published an Advisory on the TTPs associated with APT28’s exploitation of Cisco routers using CVE-2017-6742. APT28 is almost certainly a Russian source and…
CISA KEV Update Part IV – April 2023

CISA KEV Update Part IV – April 2023

U.S. CISA has added the following five new issues to its Known Exploited Vulnerabilities Catalog: CVE-2019-8526 – Apple macOS Use-After-Free Vulnerability. The CVE-2019-8526 flaw has been exploited by the DazzleSpy backdoor in watering hole…
LockBit Targets Mac Devices

LockBit Targets Mac Devices

LockBit, has modified its variant that the ransomware strain was seen targeting Mac devices — the first of its kind for a major ransomware operation. Researchers revealed a potential LockBit…