SSH-Snake Tool Used in Data Exfiltration Attacks

A new threat actor is finding success in relying on open-source software (OSS) security tools and a networking mapping tool called SSH-Snake in its campaigns.

Citrix Warns of Critical NetScaler Console Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Citrix are urging users and administrators to apply updates for the flaw.

New OpenSSH CVE-2024-6409 Flaw Emerges

A week after the disclosure of the regreSSHion CVE-2024-6387 flaw in OpenSSH, researchers have found a related flaw (CVE-2024-6409) in some recent versions of the library.

US, Australian Governments: APT40 Poses Ongoing Threat

APT40 has jumped on these flaws days or even hours within public release, warned a new advisory by CISA, the Australian government and others.

How to Unearth Ransomware, Infostealer Trends From Malicious Domain Data

Ben Nahorney, threat intelligence analyst with Cisco, talks about how his team digs into malicious DNS activity to unearth new insights about how threat actors are using infostealers, ransomware and trojans.