Latest News Articles



--- TLP:CLEAR ---

News

− Japanese police claim China ran five-year cyberattack campaign targeting local orgs

‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying. Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third-party reports of attacks on local orgs by publishing details of a years-long series of attacks attributed to a China-backed source.

https://www.darkreading.com/cyberattacks-data-breaches/chinese-apt-group-ransacking-japans-secrets

− China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports

Chinese cyberspies targeted offices dealing with foreign investments and sanctions in the recent US Treasury hack.

https://www.securityweek.com/china-targeted-foreign-investment-sanctions-offices-in-treasury-hack-reports/

− Western Security Agencies Share Advice on Selecting OT Products

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products.

https://www.cisa.gov/sites/default/files/2025-01/joint-guide-secure-by-demand-priority-considerations-for-ot-owners-and-operators-508c_0.pdf

− US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals

The US Justice Department has announced charges against three Russians for operating the Blender and Sinbad cryptocurrency mixers.

https://www.securityweek.com/us-charges-3-russians-for-operating-cryptocurrency-mixers-used-by-cybercriminals/

Vulnerabilities

− Criminals 'mass exploited' Fortinet firewalls, 'highly probable' zero-day used

Criminals running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according to security researchers.

https://arcticwolf.com/resources/blog/console-chaos-targets-fortinet-fortigate-firewalls/

− Critical Aviatrix Controller Vulnerability Exploited Against Cloud Environments

Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments.

https://www.securityweek.com/critical-aviatrix-controller-vulnerability-exploited-against-cloud-environments/

− Critical Vulnerability in Fortinet affecting FortiOS and FortiProxy

An authentication bypass using an alternate path or channel vulnerability affecting FortiOS and FortiProxy allows a remote attacker to gain super-admin privileges via crafted requests to the Node.js websocket module. Please note that reports show this is being exploited in the wild.

https://www.ncsc.gov.ie/pdfs/2501140211_Critical_vuln_Fortinet_Products.pdf

− Critical Vulnerabilities in Ivanti Connect Secure, Policy Secure & ZTA Gateways

A stack-based buffer overflow in Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA gateways allows a remote, unauthenticated attacker to achieve remote code execution.

https://www.ncsc.gov.ie/pdfs/2501080153_Vulns_Ivanti_Products.pdf

Community News

− UK floats ransomware payout ban for public sector

NCSC-UK and the British Home Office open a consultation process on three proposals, including a total ban on ransomware payments.

https://www.ncsc.gov.uk/news/your-say-proposals-to-counter-ransomware

--- TLP:CLEAR ---