Cybersecurity News - Page 51

The company has not been able to resume manufacturing and said it could not yet predict when operations will be restored.

The hacker gained access to FEMA’s Region 6 network via Citrix virtual desktop infrastructure using compromised login credentials.

The malicious version introduced a subtle change that quietly BCC’d all outgoing emails to an email address, potentially leaking sensitive content.

The emails contain malicious Scalable Vector Graphics (SVG) files, which serve as the initial trigger for the infection chain.

Threat actors are breaching networks even where one-time password multi-factor authentication is enabled.

The suspects are believed to have been recruited via the messaging platform Telegram by pro-Russian hackers.

In brief: Hackers are abusing a zero-day bug in Cisco firewalls, Libraesva and Fortra fix critical flaws exploited in the wild, and more.

The attacks remained undetected for an average of 393 days, allowing the attackers to siphon off sensitive data for over a year in some cases.

The multi-stage approach represents an evolution in Coldrivers's tactics, which previously relied mostly on credential phishing.

The company urges all users of the SMA 100 series, including SMA 210, 410, and 500v models, to upgrade as soon as possible.