Network Security

The Chinese National Internet Emergency Center has discovered and resolved two significant cases of cyber espionage targeting Chinese technology companies and research institutions. The attacks, suspected to have been orchestrated by U.S. intelligence agencies,...

An updated version of Zloader (2.9.4.0) has been discovered, which includes a Domain Name System (DNS) tunnel for command-and-control (C2) connections, an interactive shell for hands-on keyboard action, and additional features that improve the...

The Wireshark Foundation has announced the release of Wireshark 4.4.2, the latest version of its widely-used network protocol analyzer. This update brings many improvements, including critical bug fixes and enhanced protocol support, further solidifying Wireshark's...

Did you know that a sixteen-letter password is considered unhackable? And what is more expensive: the server or the information stored on it (or was stored on it)? We decided to write a short...

Dell Technologies has disclosed three critical security vulnerabilities affecting its Enterprise SONiC (Software for Open Networking in the Cloud) operating system. These vulnerabilities could allow attackers to compromise affected systems. The vulnerabilities, identified as CVE-2024-45763,...

A critical security vulnerability has been discovered in pfSense version 2.5.2, potentially allowing attackers to execute arbitrary code on affected systems. The flaw, identified as CVE-2024-46538, is a stored cross-site scripting (XSS) vulnerability that...

The Canadian Centre for Cyber Security has warned that a sophisticated Chinese state-sponsored cyber threat actor has been actively scanning Canadian cyber defenses throughout 2024, targeting critical institutions and infrastructure. The reconnaissance scanning has targeted...

Hackers target VPNs primarily to exploit vulnerabilities that allow them to gain unauthorized access to enterprise networks. By infiltrating these systems, hackers aim to identify enterprise assets and establish a foothold for further exploitation. Arctic Wolf...

Researchers have uncovered a sophisticated attack campaign targeting Ivanti Cloud Services Appliance (CSA) users. Nation-state actors are exploiting multiple zero-day vulnerabilities in the CSA to gain unauthorized access to victims' networks and establish a...

VMware has issued a critical advisory (VMSA-2024-0020) detailing multiple vulnerabilities in its NSX and Cloud Foundation products. These vulnerabilities, identified as CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815, could potentially allow malicious actors to execute arbitrary commands,...