SEARCH
Archive
Ivanti Patches New Flaws as Exploits Continue Against Older Ones
Ivanti has released patches for four new vulnerabilities in its Connect Secure and Policy Secure appliances, as Mandiant said it has seen eight separate groups exploiting some older flaws in those devices.
CSRB: Microsoft Should Refocus on Security After Cloud Intrusion
The Cyber Safety Review Board cited a string of internal failures in Microsoft's security culture as contributing factors for the 2023 compromise of more than 20 customers' cloud email inboxes by a Chinese threat group.
U.S. Sanctions, Indicts Alleged Members of Chinese APT31
The U.S. has announced sanctions against a Chinese state-backed company and two individuals, as well as indictments against seven people alleged to part of China's APT31 threat group.
U.S. Leaders Warn of Chinese Attacks on Critical Infrastructure
The Department of Justice has disrupted an attack campaign by Chinese state-sponsored attackers on U.S. critical infrastrucutre and says that country's targeting of civilian resources is a "low blow".
State Actors Targeting WinRAR Flaw in Multiple Campaigns
APT groups from Russia and China are targeting CVE-2023-38831 in WinRAR in multiple campaigns, deploying custom and commodity malware.