Turkish APT Exploits Chat App Zero-Day to Spy Kurds
Even after their zero-day vulnerability turned into an n-day, attackers known as Marbled Dust or Sea Turtle continued to spy on military targets that had failed to patch Output Messenger.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Even after their zero-day vulnerability turned into an n-day, attackers known as Marbled Dust or Sea Turtle continued to spy on military targets that had failed to patch Output Messenger.
AG Says HealthAlliance Tried But Failed to Fix Zero-Day Flaw That Led to ExploitNew York State has levied a $550,000 fine against a healthcare group that tried - but failed - to patch a critical zero-day vulnerability in a Citrix NetScaler appliance used for telemedicine. Hackers exploited the flaw, stealing 196 gigabytes of data in an incident affecting 242,000 people.
Researchers Discover 20 Critical Flaws Attackers Could Exploit in a Variety of WaysResearchers identified 20 critical vulnerabilities in a type of Advantech industrial-grade wireless access point that's widely deployed across critical infrastructure environments. Attackers could exploit the flaws to remotely executive code and create denials of service.
TA422 Is Targeting Organizations in Europe and North America, Proofpoint SaysA Russian military hacking intelligence group is winning the race to exploit known vulnerabilities before system administrators can apply patches, warns Proofpoint. The firm has seen a spike in activity from TA422, also known as APT28, Fancy Bear and Forest Blizzard.
In the race over Citrix's latest vulnerability, the bad guys have a huge head start, with broad implications for businesses and critical infrastructure providers worldwide.