Posing as cyber samaritans, scumbags are kicking folks when they're down| www.theregister.com
It's still not calling it ransomware| www.theregister.com
Petty officer Wenheng Zhao admitted to taking as many as 14 payoffs in return for non-public military information| www.theregister.com
Issue has been patched so be sure to check your implementations| www.theregister.com
: Spies come in from the cold for their first public chinwag| www.theregister.com
Rising number of RaaS baddies drive global attack numbers up 200%| www.theregister.com
: BlackTech crew looking to steal sensitive data traffic| www.theregister.com
Volexity has uncovered active in-the-wild exploitation of two vulnerabilities allowing unauthenticated remote code execution in Ivanti Connect Secure VPN appliances. An official security advisory and knowledge base article have been released by Ivanti that includes mitigation that should be applied immediately. However, a mitigation does not remedy a past or ongoing compromise. Systems should simultaneously be thoroughly analyzed per details in this post to look for signs of a breach.| Volexity
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework.How to use the KEV CatalogThe KEV catalog is also available in these formats:| Cybersecurity and Infrastructure Security Agency CISA