A set of vulnerabilities dubbed “NachoVPN” allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. […]
Interpol Clamps Down on Cybercrime and Arrests Over 1,000 Suspects in Africa
Operation Serengeti targeted criminal suspects in Africa behind ransomware, business email compromise, digital extortion and scams.
The post Interpol Clamps Down on Cybercrime and Arrests Over 1,000 Suspects in Africa appeared first on SecurityWeek.
NordVPN Black Friday Deal: Save up to 74% on yearly subscriptions
Want the best VPN with a 74% discount? The NordVPN Black Friday deal is live and runs until December 10. This is the perfect chance to lock in a 2-year plan for the low cost of $2.99 per month, with an extra 3 months for free. […]
Over 1,000 arrested in massive ‘Serengeti’ anti-cybercrime operation
Law enforcement agencies in Africa arrested as part of ‘Operation Serengeti’ more than a thousand individuals suspected of being involved in major cybercriminal activities that caused close to $193 million in financial losses all over the world. […]
Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations
The “MITRE Engenuity ATT&CK Evaluations: Enterprise” stand out as an essential resource for cybersecurity decision makers. Learn more from Cynet on what to expect in the upcoming 2024 MITRE ATT&CK Evaluation results. […]
VMware Patches High-Severity Vulnerabilities in Aria Operations
The company warns that malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks.
The post VMware Patches High-Severity Vulnerabilities in Aria Operations appeared first on SecurityWeek.
IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR
IBM has released patches for two high-severity remote code execution vulnerabilities in Data Virtualization Manager and Security SOAR.
The post IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR appeared first on SecurityWeek.
Hackers exploit critical bug in Array Networks SSL VPN products
America’s Cyber Defense Agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. […]
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution.
The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in versions
The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of a maximum of 10.0. They were addressed in versions
Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways
CISA warns about attacks exploiting CVE-2023-28461, a critical vulnerability in Array Networks AG and vxAG secure access gateways.
The post Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways appeared first on SecurityWeek.