Moldovan botnet operator Alexander Lefterov, also known as Alipatime, Alipako, and Uptime, has been indicted by the U.S. Department of Justice for his involvement in widespread attacks against U.S.-based computers, BleepingComputer reports.
SecurityWeek reports that Siemens has confirmed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall may be impacted by the actively exploited Palo Alto Networks firewall vulnerability, tracked as CVE-2024-3400.
Vulnerable CrushFTP file transfer server software instances impacted by a critical virtual file system escape zero-day have been subjected to ongoing targeted attacks that could enable the download of system files, Security Affairs reports.
BleepingComputer reports that ongoing attacks exploiting the critical Palo Alto Networks PAN-OS command injection flaw, tracked as CVE-2024-3400, could still compromise nearly 22,500 Palo Alto GlobalProtect firewall instances around the world despite the availability of patches.
BlackBerry researchers disclosed that a major U.S.-based multinational automaker had been targeted by the FIN7 hacking group in a spear-phishing attack late last year that sought to facilitate systems compromise with the Anunak malware, BleepingComputer reports.
BleepingComputer reports that vulnerable TP-Link Archer AX21 routers impacted by the year-old high-severity unauthenticated command injection flaw, tracked as CVE-2023-1389, have been targeted by at least six botnets.