A server linked to the KeyPlug malware exposed various exploitation tools targeting Fortinet firewalls and VPNs, attributed to the RedGolf threat group. The server revealed multiple scripts exploiting vulnerabilities such as CVE-2024-23108 and CVE-2024-23109, allowing unauthorized access to device controls. Evidence suggests potential corporate espionage, with a focus on Shiseido, underscoring the need for immediate security measures.

Microsoft Warns of Ransomware Exploiting Cloud Environments with New Techniques
Microsoft warns of sophisticated ransomware attacks in Q1 2025, targeting hybrid cloud environments through vulnerabilities in on-premises and cloud services. Notably, North Korean group Moonstone