Tag: #InfoSec
Cisco’s NX-OS zero-day vulnerability (CVE-2024-20399) has been actively exploited by the Chinese state-sponsored threat actor known as Velvet Ant, highlighting the urgent need for cybersecurity professionals and network administrators to secure affected systems. In a forensic investigation led by Sygnia, it was discovered that Velvet Ant gained administrator-level credentials to access Cisco Nexus switches and […]
A critical GitLab vulnerability has been identified, tracked as CVE-2024-5655, affecting certain versions of GitLab Community and Enterprise Editions. This severe issue, with a CVSS score of 9.6 out of 10, enables attackers to run pipelines as any user, posing a significant security risk. It impacts all GitLab CE/EE versions from 15.8 through 16.11.4, 17.0.0 […]
F5 BIG-IP malware has emerged as a serious threat to network security, exploiting vulnerabilities in widely used network traffic management devices. A recent report by Sygnia, a cybersecurity firm, details a concerning campaign by the suspected Chinese hacking group “Velvet Ant” that leveraged F5 BIG-IP malware to gain persistent network access and steal sensitive data […]