Latest security news
- Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
- Security Bugs in a Popular Phone-Tracking App Exposed Users’ Precise Locations
- Google Ad for Facebook Redirects to Scam
- Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike
- Iran Dupes US Military Contractors, Gov't Agencies in Cyber Campaign
- Major Security Flaws Expose Keystrokes of Over One Billion Chinese Keyboard App Users
- Report: Attacker Dwell Time Down, Ransomware up in 2023
- Hackers Publish Fake Story About Ukrainians Attempting To Assassinate Slovak President
- Report: Fifth of UK Companies Admit Staff Leaked Data via GenAI
- US Gov Slaps Visa Restrictions on Spyware Honchos
- PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
- Global attacker median dwell time continues to fall
- North Korean Hackers Targeted Dozens of South Korean Defense Companies
- FTC Commercial Surveillance Rules Could Arrive Within Months, Sources Say
- US Treasury Sanctions Iranians Linked to Government Cyberattacks
- Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday. First confirmed activity observed by a Cisco customer dates to early January 2024 but the actual attacks started in November 2023. “Further, we have identified evidence that suggests this capability was being tested and developed as …
(C) Do-Know.com (http://do-know.com/). Do not copy without permission from info at do-know.com.