A serious remote code execution flaw has been discovered and patched in Palo Alto Networks’ GlobalProtect product. Last week, Palo Alto Networks published an advisory after researchers Orange Tsai and Meh Chang published a blog post mentioning the susceptibility. The researchers also issued proof-of-concept (PoC) code and offered a command that Continue Reading
Attackers have stolen SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB), and divulged Russian intelligence projects. Russian media says that SyTech has been working with FSB since 2009, especially, they contributed to numerous projects for FSB unit 71330 and for fellow contractor Quantum. The latest project is the development of Nalog-3 Continue Reading
The Drupal CMS team has issued a security update to address a serious severity access bypass susceptibility in the CMS’ principal element that could let attackers capture of affected sites. Only a restricted set of websites running on the Drupal CMS are impacted as per the security recommendation given that the Continue Reading
What is Threat, or cyber threat, Intelligence? “Threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and action-oriented advice about an existing or emerging menace or hazard to assets. This intelligence can be used to inform decisions regarding the subject’s response to that menace or hazard.” — Gartner Threat, Continue Reading
Researchers at Intezer security have revealed a new backdoor directing Linux systems with the objective of spying on users. The threat, dubbed EvilGnome, camouflages as a Gnome extension and seems associated to the Gamaredon Group, a supposed Russian threat actor. The examined sample seems to be a test version that was uploaded Continue Reading
By