The newly discovered SuperBlack ransomware has been exploiting two vulnerabilities in Fortinet firewalls.
The post Recent Fortinet Vulnerabilities Exploited in ‘SuperBlack’ Ransomware Attacks appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Unpatched Edimax Camera Flaw Exploited Since at Least May 2024
A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year.
The post Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 appeared first on SecurityWeek.
FreeType Zero-Day Being Exploited in the Wild
Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library.
The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek.
Cisco Patches 10 Vulnerabilities in IOS XR
Cisco has released patches for 10 vulnerabilities in IOS XR, including five denial-of-service (DoS) bugs.
The post Cisco Patches 10 Vulnerabilities in IOS XR appeared first on SecurityWeek.
Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign
Threat actors are likely targeting Grafana path traversal bugs for reconnaissance in a SSRF exploitation campaign targeting popular platforms.
The post Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign appeared first on SecurityWeek.
Microsoft Warns of Hospitality Sector Attacks Involving ClickFix
A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering.
The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared first on SecurityWeek.
DeepSeek’s Malware-Generation Capabilities Put to Test
Researchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers.
The post DeepSeek’s Malware-Generation Capabilities Put to Test appeared first on SecurityWeek.
North Korean Hackers Distributed Android Spyware via Google Play
The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play.
The post North Korean Hackers Distributed Android Spyware via Google Play appeared first on SecurityWeek.
Medusa Ransomware Made 300 Critical Infrastructure Victims
CISA, FBI, and MS-ISAC warn of Medusa ransomware attacks targeting critical infrastructure organizations.
The post Medusa Ransomware Made 300 Critical Infrastructure Victims appeared first on SecurityWeek.
Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution
Organizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM.
The post Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution appeared first on SecurityWeek.