Cisco’s NX-OS zero-day vulnerability (CVE-2024-20399) has been actively exploited by the Chinese state-sponsored threat actor known as Velvet Ant, highlighting the urgent need for cybersecurity professionals and network administrators to secure affected systems. In a forensic investigation led by Sygnia, it was discovered that Velvet Ant gained administrator-level credentials to access Cisco Nexus switches and […]
Cybercriminals are launching sophisticated attacks against Microsoft 365 and Gmail users with a new and dangerous phishing kit called Tycoon 2FA. This tool poses a serious threat because it bypasses two-factor authentication (MFA), a security measure many users rely on to protect their accounts. Tycoon 2FA: Multi-Stage Deception Security researchers at Sekoia discovered Tycoon 2FA […]