Search Results for: CISA
American Water shuts down online services after cyberattack
American Water, the largest publicly traded U.S. water and wastewater utility company, was forced to shut down some of its systems after a Thursday cyberattack. In a filing with the U.S. Securities and Exchange Commission (SEC), American Water said it has already hired third-party cybersecurity experts to help contain and assess the incident’s impact. It […]
Critical Ivanti RCE flaw with public exploit now used in attacks
CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. Ivanti EPM is an all-in-one endpoint management solution that helps admins manage client devices on various platforms, including Windows, macOS, Chrome OS, and IoT operating systems. Tracked […]
Iranian hackers charged for ‘hack-and-leak’ plot to influence election
The U.S. Department of Justice unsealed an indictment charging three Iranian hackers with a “hack-and-leak” campaign that aimed to influence the 2024 U.S. presidential election. Iranian nationals Masoud Jalili, Seyyed Ali Aghamiri, and Yaser Balaghi worked for Iran’s Islamic Revolutionary Guard Corps (IRGC) to hack the accounts of current and former U.S. officials, individuals linked […]
Google sees 68% drop in Android memory safety flaws over 5 years
The percentage of Android vulnerabilities caused by memory safety issues has dropped from 76% in 2019 to only 24% in 2024, representing a massive decrease of over 68% in five years. This is well below the 70% previously found in Chromium, making Android an excellent example of how a large project can gradually and methodically move to […]
Ivanti warns of another critical CSA flaw exploited in attacks
Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers. Tracked as CVE-2024-8963, this admin bypass vulnerability is caused by a path traversal weakness. Successful exploitation allows remote unauthenticated attackers to access restricted functionality on vulnerable CSA systems (used as gateways to provide enterprise users secure […]
Exploit code released for critical Ivanti RCE flaw, patch now
A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The flaw is a deserialization of untrusted data issue impacting Ivanti Endpoint Manager before 2022 SU6 and EPM 2024, which was fixed as part of the September 2024 […]
FBI tells public to ignore false claims of hacked voter data
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks. The two agencies note that malicious actors are spreading disinformation to manipulate public “opinion and undermine confidence in U.S. democratic institutions.” According to […]
RansomHub claims Kawasaki cyberattack, threatens to leak stolen data
Kawasaki Motors Europe has announced that it’s recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data. The company says the attack targeted its EU headquarters, and it is currently analyzing and cleaning any “suspicious material,” such as malware, that may still be lurking on systems. “At the […]
Russian military hackers linked to critical infrastructure attacks
The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces (also known as GRU). In a joint advisory published today, the Russian GRU military intelligence hackers, known for deploying WhisperGate […]
FBI: RansomHub ransomware breached 210 victims since February
Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion […]