A week after the disclosure of the regreSSHion CVE-2024-6387 flaw in OpenSSH, researchers have found a related flaw (CVE-2024-6409) in some recent versions of the library.
APT40 has jumped on these flaws days or even hours within public release, warned a new advisory by CISA, the Australian government and others.
Ben Nahorney, threat intelligence analyst with Cisco, talks about how his team digs into malicious DNS activity to unearth new insights about how threat actors are using infostealers, ransomware and trojans.
Chris Hughes, co-founder of Aquia and a Cyber Innovation Fellow at the Cybersecurity and Infrastructure Security Agency, joins Dennis Fisher to talk about the challenges of supply chain security, working with the government to address systemic issues, and the importance of collaboration.
Researchers have discovered the Eldorado group, which they said has developed and deployed a “highly effective” ransomware builder used to target both Windows and Linux systems.