Latest News Articles
--- TLP:WHITE ---
News
− US and UK sanction 11 TrickBot and Conti cybercrime gang members
The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations.
https://www.bleepingcomputer.com/news/security/us-and-uk-sanction-11-trickbot-and-conti-cybercrime-gang-members/− How China Demands Tech Firms Reveal Hackable Flaws in Their Products
Some foreign companies may be complying—potentially offering China’s spies hints for hacking their customers.
https://www.atlanticcouncil.org/in-depth-research-reports/report/sleight-of-hand-how-china-weaponizes-software-vulnerability/Vulnerabilities
− CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-250a− Actively exploited Apple OS vulnerabilities
Apple has released security updates that address two new vulnerabilities CVE-2023-41064 and CVE- 2023-41061 that affect ImageIO and Wallet respectively. Exploitation of these vulnerabilities could result in arbitrary code execution.
https://www.ncsc.gov.ie/pdfs/Actively_exploited_Apple_OS_vulnerabilities_230908.pdfCommunity News
− MITRE and CISA Release Open Source Tool for OT Attack Emulation
A new extension for the open source Caldera platform that emulates adverse attacks against operational technology (OT) was announced on September 5 by the MITRE Corporation and the US Cybersecurity and Infrastructure Security Agency (CISA). The new Caldera for OT extension was created through collaboration between the Homeland Security Systems
https://www.securityweek.com/mitre-and-cisa-release-open-source-tool-for-ot-attack-emulation/--- TLP:WHITE ---