U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise…
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk TyphoonRead More
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. “These switches are widely used in building and home automation…
Critical Flaws in WGS-804HPT Switches Enable RCE and Network ExploitationRead More
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform Proliferation
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia. “Over the past two months, a significant volume of attacks from Python-based bots has been observed,…
Python-Based Bots Exploiting PHP Servers Fuel Gambling Platform ProliferationRead More
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and…
How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?Read More
U.S. Sanctions North Korean IT Worker Network Supporting WMD Programs
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People’s Republic of Korea (DPRK) by dispatching IT…
U.S. Sanctions North Korean IT Worker Network Supporting WMD ProgramsRead More
New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that’s capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024. The nascent phishing kit…
New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code BypassRead More