Articles

Hunting Mice In Tunnels

Threat actor abusing free Cloudflare Argo Tunnels for C2, contained by Beazley Security MDR.

Nov 13 - 9 Min Read

Fog Ransomware

Fog ransomware is a relatively new ransomware family, first reported in June 2024, that mainly targets the education sector. Most of the victim organizations are in the education sector, with the majority of them located in the United States.

Oct 5 - 3 Min Read

More research coming soon. In the meantime, check out our advisories.

Advisories

Critical Vulnerability in Palo Alto PAN-OS (CVE-2024-0012)

On November 18th, Palo Alto Networks published an advisory regarding a critical vulnerability in their PAN-OS software, a core component for their next-generation firewall product line.

Nov 18 - 3 Min Read

Critical Vulnerability in Cisco ASA (CVE-2024-20329)

On October 24th, 2024, Cisco published an advisory regarding a critical vulnerability in their Adaptive Security Appliance (ASA) Software, a core component of their firewall and VPN appliances. The vulnerability is due to insufficient user input validation and can be abused by a remote authenticated attacker to execute arbitrary commands as the root account.

Oct 30 - 4 Min Read

FortiJump, Critical Vulnerability in FortiManager API (CVE-2024-47575)

On October 23rd, 2024, Fortinet published an advisory regarding active exploitation of the FortiManager platform, a solution used to centrally manage Fortinet products. The advisory discloses a critical severity vulnerability, nicknamed FortiJump.

Oct 23 - 4 Min Read

Critical Vulnerability in Palo Alto Expedition (CVE-2024-9464 and CVE-2024-9465)

On October 9th, 2024, cyber security firm Horizon3 published a blog post detailing multiple critical vulnerabilities they discovered in Palo Alto’s Expedition product. Expedition is a utility tool that allows Palo Alto clients to migrate firewall configurations from other vendor products to Palo Alto devices. 

Oct 11 - 2 Min Read

Critical Vulnerability in CUPS (CVE-2024-47177)

On September 26th, 2024, an independent researcher disclosed a critical vulnerability in CUPS, a printing software package commonly used in Linux systems. CUPS may be enabled by default on some versions of Linux, meaning a server not intended or used as a printer server may still be vulnerable.

Sep 27 - 2 Min Read