Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product. The post Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability appeared first on SecurityWeek. Original link(Originally posted by Eduard Kovacs)

The LockBit ransomware gang leaks data allegedly stolen from government contractor Tyler Technologies. The post Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

Microsoft PlayReady vulnerabilities that could allow rogue subscribers to illegally download movies from popular streaming services. The post Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services appeared first on SecurityWeek. Original link(Originally posted by Eduard Kovacs)

Vulnerabilities in Palo Alto Networks Cortex XDR allowed a security researcher to turn it into a malicious offensive tool. The post Research Shows How Attackers Can Abuse EDR Security Products appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

A hack that caused a small Texas town’s water system to overflow in January has been linked to a shadowy Russian hacktivist group, the latest case of a U.S. public utility becoming a target of foreign cyberattacks. The post Rural Texas Towns Report Cyberattacks That Caused One Water System to Overflow appeared first on SecurityWeek. Original link(O...

CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400. The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)

WecontinuecoveringtheactivitiesoftheAPTgroupToddyCat.Inourpreviousarticle,wedescribedtoolsforcollectingandexfiltratingfiles(LoFiSeandPcExter).Thistime,wehaveinvestigatedhowattackersobtainconstantaccesstocompromisedinfrastructure,whatinformationonthehoststheyareinterestedin,andwhattoolstheyusetoextractit. ToddyCatisanAPTgroupthatpredominantlytargets...

MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability. The post MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days appeared first on SecurityWeek. Original link(Originally posted by Eduard Kovacs)

Cannes Hospital Centre – Simone Veil cancels medical procedures after shutting down systems in response to a cyberattack. The post Cannes Hospital Cancels Medical Procedures Following Cyberattack appeared first on SecurityWeek. Original link(Originally posted by Ionut Arghire)