Our news

  • CISA and Partners Release Advisory on Ghost (Cring) Ransomware

    Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released a joint Cybersecurity Advisory, #StopRansomware: Ghost (Cring) Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with Ghost ransomware activity identified through FBI investigations. Ghost actors…

    READ MORE

  • #StopRansomware: Ghost (Cring) Ransomware

    Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see…

    READ MORE

  • Vulnerability Summary for the Week of February 10, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info ABB–System 800xA  A vulnerability exists in the VideONet product included in the listed System 800xA versions, where VideONet is used.  An attacker who successfully exploited the vulnerability could, in the worst case scenario, stop or manipulate the video feed. This issue affects System 800xA:…

    READ MORE

  • CISA Releases Twenty Industrial Control Systems Advisories

    CISA released twenty Industrial Control Systems (ICS) advisories on February 13, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-044-01 Siemens SIMATIC S7-1200 CPU Family ICSA-25-044-02 Siemens SIMATIC ICSA-25-044-03 Siemens SIPROTEC 5 ICSA-25-044-04 Siemens SIPROTEC 5 ICSA-25-044-05 Siemens SIPROTEC 5 Devices ICSA-25-044-06 Siemens RUGGEDCOM APE1808 Devices ICSA-25-044-07 Siemens…

    READ MORE

  • AI Agents: The Rising Threat in Cybercrime

    Artificial Intelligence (AI) Agents are now being used by hackers to broaden their scope of attacks. AI agents are autonomous systems powered by artificial intelligence that can independently perform tasks, make decisions, and adapt to new situations, often learning from data to carry out complex actions with little to no human intervention. They can be…

    READ MORE

  • Is DeepSeek Lying to You? Unmasking the AI’s Data Deception

    In the world we live in today, where Artificial Intelligence is gaining more prevalence in usage among the average user, trust is a subjective case in which one needs to maintain discipline & cordiality. DeepSeek is an AI platform that originated in China and has obtained a mass following in popularity with people around the…

    READ MORE

  • Vulnerability Summary for the Week of February 3, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info .TUBE gTLD–.TUBE Video Curator  Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in .TUBE gTLD .TUBE Video Curator allows Reflected XSS. This issue affects .TUBE Video Curator: from n/a through 1.1.9. 2025-02-03 7.1 CVE-2025-23799 2N–2N Access Commander  2N Access Commander version…

    READ MORE

  • CISA Partners with ASD’s ACSC, CCCS, NCSC-UK, and Other International and US Organizations to Release Guidance on Edge Devices

    CISA—in partnership with international and U.S. organizations—released guidance to help organizations protect their network edge devices and appliances, such as firewalls, routers, virtual private networks (VPN) gateways, Internet of Things (IoT) devices, internet-facing servers, and internet-facing operational technology (OT) systems. The published guidance is as follows: “Security Considerations for Edge Devices,” led by the Canadian…

    READ MORE

  • How the Mexican Drug Cartels Relate to Cybersecurity

    Mexican drug cartels have adopted the same diversification strategies as successful business moguls like the investors of Shark Tank to safeguard their empires. They have ventured into 21st-century cybercrimes, including phishing, vishing, ransomware, and pig butchering scams. These Mexican cartels utilize both traditional fiat currencies and cryptocurrencies to conduct their illicit activities. The cartels have…

    READ MORE

  • Vulnerability Summary for the Week of January 27, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 0xPolygonZero–plonky2  Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floor(num_routed_wires / 3) always include the 0 -> 0 input-output pair. Thus a malicious prover can always prove that f(0) =…

    READ MORE