Microsoft creates fake Azure tenants to pull phishers into honeypots
Microsoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and luring cybercriminals in to collect intelligence about them. With the collected data, Microsoft can map malicious infrastructure, gain a deeper understanding of sophisticated phishing operations, disrupt campaigns at…
PART I – perfctl: A Stealthy Malware Targeting Millions of Linux Servers
In this blog post, Aqua Nautilus researchers aim to shed light on a Linux malware that, over the past 3-4 years, has actively sought more than 20,000 types of misconfigurations in order to target and exploit Linux servers. If you have a Linux server connected…
PART II – perfctl: A Stealthy Malware Targeting Millions of Linux Servers
Read the first part at: https://iotsecuritynews.com/wp-admin/post.php?post=8009&action=edit Detection of “Perfctl” Malware To detect Perfctl malware, look for unusual spikes in CPU usage or system slowdown if the rootkit has been deployed on your server. These may indicate cryptomining activities, especially during idle times. Monitoring Suspicious…
Mitsubishi Electric MELSEC iQ-F FX5-OPC
1. EXECUTIVE SUMMARY 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a Denial-of-Service (DoS) condition on the product by getting a legitimate user to import a specially crafted PKCS#12 format certificate. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The…
Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability
Summary A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due…
Cisco Catalyst SD-WAN Routers Denial of Service Vulnerability
Summary A vulnerability in the process that classifies traffic that is going to the Unified Threat Defense (UTD) component of Cisco IOS XE Software in controller mode could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device….
Schneider Electric Security Notification-Vijeo Designer
10 September 2024 Overview Schneider Electric is aware of a vulnerability in its Vijeo Designer product. The Vijeo Designer product is HMI Configuration Software compatible with Harmony and Magelis HMI. Vijeo Designer software offers functions such as multimedia capabilities and remote access for more efficiency. Failure to apply…
DragonForce Ransomware Expands RaaS, Targets Firms Worldwide
DragonForce ransomware is expanding its RaaS operation and becoming a global cybersecurity threat against businesses. Companies must implement strong cybersecurity strategies to defend against this growing ransomware attack and avoid becoming victims. Ransomware attacks are growing, leaving organizations vulnerable to new and more sophisticated threats. According…
ABB Relion 630 Series Protection Relays IEC 61850 MMS and improper Input Validation Vulnerabilities
Notice The information in this document is subject to change without notice, and should not be construed as a commitment by ABB. ABB provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and…
Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw
Suspected China-linked APT Earth Baxia targeted a government organization in Taiwan by exploiting a recently patched OSGeo GeoServer GeoTools flaw. Trend Micro researchers reported that China-linked APT group Earth Baxia has targeted a government organization in Taiwan and potentially other countries in the Asia-Pacific (APAC)…