SEARCH
Archive
Attackers Using Suite of Tools to Exploit ManageEngine Flaw
An APT group is using a suite of tools, including KdcSponge, Godzilla, and NGLite, to exploit a known ManageEngine flaw and move laterally.
CISA Warns Iranian APT Targeting US Infrastructure
CISA warned that an unnamed APT group associated with the Iranian government i exploiting known Fortinet and the Exchange ProxyShell bug to gain access to target networks.
‘We Have to Change the Decision Calculus’ to Stop Ransomware
Ransomware groups such as REvil have take some hits recently, but the broader landscape has continued to expand and experts say defenders need to change their thinking in order to address the problem.
CISA Orders Federal Agencies to Patch Hundreds of Known Flaws
Under a new binding operational directive (BOD), CISA has developed a catalog of known, exploited vulnerabilities that federal agencies must address.
New Tools Target Pulse Connect Secure Flaws
CISA has released analyses of five new pieces of malware being used in attacks against known bugs in Pulse Connect Secure appliances.