In a major victory for international cybersecurity efforts, a coordinated law enforcement operation codenamed “MORPHEUS” has successfully disrupted a significant cybercrime infrastructure built around the penetration testing tool Cobalt Strike. Led by the United Kingdom’s National Crime Agency (NCA) in collaboration with authorities from Australia, Canada, Germany, the Netherlands, Poland, and the United States, the […]
Cisco’s NX-OS zero-day vulnerability (CVE-2024-20399) has been actively exploited by the Chinese state-sponsored threat actor known as Velvet Ant, highlighting the urgent need for cybersecurity professionals and network administrators to secure affected systems. In a forensic investigation led by Sygnia, it was discovered that Velvet Ant gained administrator-level credentials to access Cisco Nexus switches and […]
A critical GitLab vulnerability has been identified, tracked as CVE-2024-5655, affecting certain versions of GitLab Community and Enterprise Editions. This severe issue, with a CVSS score of 9.6 out of 10, enables attackers to run pipelines as any user, posing a significant security risk. It impacts all GitLab CE/EE versions from 15.8 through 16.11.4, 17.0.0 […]