News

CSO Online40m
ECScape: New AWS ECS flaw lets containers hijack IAM roles without breaking out
Naor Haziz’s discovery shows how a compromised container on EC2-backed ECS tasks can impersonate the ECS agent and steal IAM ...
htxt4h
Attackers disable security solutions to install ransomware
GuidePoint Security has discovered attackers exploiting legitimate drivers to gain access to a device. This is accomplished ...
Fudzilla7h
SonicWall VPN breached in Akira blitz is no zero-day
Just sloppy setups and sneaky driversSonicWall walks back zero‑day fears, addresses credential reuse—and now driver-based evasion—in Gen 7 and newer VPN attacks What first looked like a zero-day ...
Cyber Daily10h
Akira ransomware gang observed using exploiting CPU driver to disable security software
Researchers at GuidePoint Security’s Research and Intelligence Team, also known as GRIT, have observed an Akira affiliate ...
CRN16h
SonicWall Has ‘High Confidence’ Attacks Did Not Exploit Zero-Day Flaw
SonicWall reported that exploitation of a previously disclosed vulnerability has been responsible for recent cyberattacks ...
SecurityWeek19h
SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability
SonicWall investigating reports about a zero-day being exploited in ransomware attacks, but found no evidence of a new ...
SonicWall says recent attack wave involved previously disclosed flaw, not zero-day
The company said it had linked recent hacks to customers’ use of legacy credentials when migrating from Gen 6 to Gen 7 ...
This devious ransomware is able to hijack your system to turn off Microsoft Defender
“The first driver, rwdrv.sys, is a legitimate driver for ThrottleStop. This Windows-based performance tuning and monitoring ...
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older ...