Month: January 2024

  • CISA and FBI Release Known IOCs Associated with Androxgh0st Malware

    Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware, to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Androxgh0st malware establishes a botnet for victim identification and exploitation in vulnerable…

  • Known Indicators of Compromise Associated with Androxgh0st Malware

    SUMMARY: The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Multiple, ongoing investigations and trusted third-party reporting yielded the IOCs and TTPs,…

  • The Danger of Deepfake Scams

    The rise of artificial intelligence (AI) has enhanced our lives in many ways. In the realm of cybersecurity, AI has bolstered defenses against threats. There are machine learning algorithms, enhanced anomaly detection, and automated response mechanisms for rapidly responding to and neutralizing threats. However, AI is also being used maliciously by threat actors. A popular…

  • Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved

    Juniper Networks has released a security advisory to address a vulnerability (CVE-2024-21611) in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Juniper Advisory JSA75752 and apply the necessary updates.

  • Cisco Releases Security Advisory for Cisco Unity Connection

    Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco Unity Connection. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability advisory and apply the necessary updates.

  • Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways

    Ivanti has released a security update to address an authentication bypass vulnerability (CVE-2023-46805) and a command injection vulnerability (CVE-2024-21887) in all supported versions (9.x and 22.x) of Connect Secure and Policy Secure gateways. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. Ivanti reports active exploitation of both…

  • Vulnerability Summary for the Week of January 1, 2024

    High Vulnerabilities (columns: Primary Vendor — Product; Description; Published; CVSS Score; Source & Patch Info). 7-card — fakabao: A vulnerability has been found in 7-card Fakabao up to 1.0_build20230805 and classified as critical. Affected by this vulnerability is an unknown functionality of the file shop/alipay_notify.php. The manipulation of the argument out_trade_no leads to SQL injection. The…

  • Vulnerability Summary for the Week of December 25, 2023

    High Vulnerabilities (columns: Primary Vendor — Product; Description; Published; CVSS Score; Source & Patch Info). awslabs — sandbox-accounts-for-events: “Sandbox Accounts for Events” provides multiple, temporary AWS accounts to a number of authenticated users simultaneously via a browser-based GUI. Authenticated users could potentially claim and access empty AWS accounts by sending request payloads to the account API…