Corporate Execs Beware: Fake BianLian Group’s Extortion Scam Unveiled!
Beware the “BianLian Group” scam! Cybercriminals are masquerading as this group, threatening corporate execs with extortion letters. Their demand? Pay up or watch your sensitive information go public. The FBI’s Internet Crime Complaint Center (IC3) has issued an alert to keep businesses informed and protected from these digital mischief-makers.
Hitachi Energy’s Relion Blunder: A Shocking Vulnerability in Power Control Systems!
A vulnerability in Hitachi Energy’s Relion 670/650/SAM600-IO series could let a mischievous user who already holds valid credentials bypass security controls. The CVSS v4 score is 8.6, making it as dangerous as a toddler with a permanent marker. Mitigation includes updating to fixed software versions and implementing strict security practices. Keep your systems safe!
Typo DGA Madness: Unmasking a Crafty Cyber Campaign
When life gives you typo DGAs, make sure your security systems can spot the difference. Our graph-intelligence pipeline uncovered a campaign using typo DGAs, evading detection like a ninja in the night. If you’re worried about rogue domains and sneaky redirects, better call the Unit 42 Incident Response team pronto!
Cisco TMS Hits Retirement: Time to Migrate or Risk Vulnerability!
Cisco TMS has reached the end-of-life stage, leaving its vulnerability unpatched. Customers should migrate to alternative service providers and consult Cisco Security Advisories for guidance. For those clinging to TMS, it’s like holding onto a rotary phone in a smartphone world. Time to upgrade!
Cisco’s Security Patch Comedy: Free Fixes, But Don’t Forget Your License!
Cisco’s releasing free software updates to tackle vulnerabilities, but remember, no free lunches here! License holders only, please. For those sans service contracts, get your upgrade by calling Cisco TAC with your product serial number. For more details, visit the Cisco Support and Downloads page.
Malicious TDS: The Web’s Most Persistent Redirector
Malicious traffic distribution systems are like the Swiss Army knives of cybercrime, redirecting victims through a maze of URLs that would make even a GPS question its life choices. From phishing to malvertising, these TDS networks keep attackers one step ahead, proving that crime does pay—just not in a currency you’d want to declare.
GMOD Apollo’s Security Blunder: Remote Exploits and Pathway to Mayhem!
GMOD Apollo’s vulnerabilities read like a comedic Greek tragedy: with low attack complexity and high stakes, the software is a hacker’s paradise. Forget the Trojan horse—this one’s full of privilege escalations, bypassed authentications, and sensitive disclosures. But fear not, update to version 2.8.0, and your digital Achilles heel will be patched!
Snoopin’ on Secrets: When Hackers Channel Their Inner Sommelier! 🍷🔍
Cyber attackers have a new recipe: searching for secrets files on exposed web servers like a sommelier hunting for the perfect vintage. They even used a Romanian distillery’s network for this “fine selection” of scans. Cheers to them, but remember to secure your .env files and protect those precious credentials!
Cisco Webex Bug: When SIP Slips, Watch Your Credentials Flip!
Beware: a cunning Cisco Webex vulnerability in Release 45.2 could let sneaky hackers access data and credentials if SIP communication isn’t secured. A simple config change can fix it, but if your Webex isn’t running on Windows or predates Release 45.2, you’re not affected. Time to update or risk being a victim of the digital heist!
Bug Squashed: Update Your mac-robber.py Script Now!
Breaking news in the world of digital sleuthing: Jim Clausing’s mac-robber.py script had a sneaky bug causing chaos for soft/symbolic links. The bug is now squashed, so update immediately to keep your forensic investigations on the straight and narrow!
Malware’s Magic Tricks: Unpacking Obfuscation Techniques to Outsmart Cyber Illusions
Malware authors are like ninjas with keyboards, using obfuscation techniques to sneak their creations past sandbox security. From Agent Tesla to XWorm, these malware families employ tricks like code virtualization and staged payloads. Static analysis in sandboxes can help uncover their secrets, but automation in unpacking these malware samples would be a game-changer.
Beware the Mark of the Web: How Untrusted Downloads Can Haunt Your Files!
The Mark of the Web (MoTW) is like a digital sticky note Windows slaps on files from the Internet, warning your apps to handle them with care. It’s like your computer’s way of saying, “Proceed with caution, this file might have cooties!” Stay vigilant, as sneaky threat actors are constantly finding ways to dodge it.
Wireshark’s Quick Fix: The 4.4.5 Update Saves the Day from Crashing Chaos!
Wireshark release 4.4.5 swooped in faster than a caffeinated squirrel to fix a bug that made it crash when users clicked on a column header.
JavaGhost Strikes Again: Cloud Phishing Shenanigans Revealed!
JavaGhost, the cyber group that once defaced websites, has now turned to phishing, targeting cloud environments like a digital Houdini. With a knack for exploiting AWS misconfigurations, they’re sending phishing emails to unsuspecting targets. JavaGhost’s new tricks include advanced evasion techniques, but their digital footprints remain detectable, leaving a trail of cyber breadcrumbs.
Network Security: The Green Light District of Cyber Threats
Join the Internet Storm Center’s latest class, Network Monitoring and Threat Detection In-Depth, in Baltimore from March 3rd to March 8th, 2025. It’s like CSI for the cyber world, minus the sunglasses and dramatic music. Get ready to solve mysteries and keep your network safer than a cat in a room full of rocking chairs.
Dario Health’s Data Drama: Security Bugs Bite Hard!
Dario Health has a sweet (or not-so-sweet) surprise for users of their USB-C Blood Glucose Monitoring System: a buffet of vulnerabilities! From exposing personal info to enabling cross-site scripting, this is one “health” app that’s more of a health hazard. View CSAF for the full scoop on these vulnerabilities and how to mitigate them!
Schneider Electric’s Stack Overflow Drama: Modicon Controllers Vulnerability Hits CVSS 9.8
An out-of-bounds write vulnerability in Schneider Electric’s Modicon M580 and Quantum controllers is raising eyebrows and CVSS scores—9.8, to be precise. This issue could allow a stack overflow attack, potentially leading to device chaos. So, update, isolate, and firewall like your network’s dignity depends on it! View CSAF and stay cyber-safe.
Siemens PLCs Exposed: Unmasking Vulnerabilities in A8000 Models! 🚨🔐
Multiple vulnerabilities found in Siemens A8000 CP-8050 and CP-8031 PLCs include firmware update decryption issues. Using a secure element oracle, encrypted files can be decrypted, revealing sensitive data. This security advisory highlights the importance of firmware updates and the need for vigilance in protecting industrial control systems.
OpenSSH: The Tale of the Disappearing Host Key and the Memory Munching MitM!
OpenSSH’s client with VerifyHostKeyDNS enabled has vulnerabilities that make it prone to a MitM attack and a DoS attack. The client can fall for an imposter server, while both client and server can be hit by excessive memory consumption during a key exchange. Remember, even in the world of tech, appearances can be deceiving!
Squidoor Unmasked: A Stealthy Cyber Espionage Saga from China to Southeast Asia!
A suspected Chinese threat actor, CL-STA-0049, is lurking in the digital shadows, targeting governments and sectors across Southeast Asia and South America. Armed with the stealthy Squidoor backdoor, this cyber ninja is all about grabbing sensitive info and blending in. Squidoor’s got more tricks up its binary sleeves than a magician at a tech convention!