exploits Tag

The US Cybersecurity and Infrastructure Security Agency (CISA) has released seven advisories this week about vulnerabilities in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) software from various vendors. These advisories cover critical flaws, two of which have public exploits.   The affected products include ScadaFlex II controllers made by Industrial Control Links, Screen Creator Advance 2 and Kostac PLC programming software from JTEKT...

Read More
stolen password

Cybercriminals are increasingly turning to stolen credentials as a valuable commodity on the underground market. According to a report by cybersecurity firm Flashpoint, last year saw 4,518 data breaches reported, with attackers stealing or exposing 22.62 billion credentials and personal records.   Over 60% of these were stolen from organizations in the information sector. Flashpoint's database of threat intelligence includes 575 million posts on illegal forums, 3.6...

Read More

The North Korea-linked threat actor tracked as APT37 has been linked to a piece of new malware dubbed M2RAT in attacks targeting its southern counterpart, suggesting continued evolution of the group's features and tactics. APT37, also tracked under the monikers Reaper, RedEyes, Ricochet Chollima, and ScarCruft, is linked to North Korea's Ministry of State Security (MSS) unlike the Lazarus and...

Read More