An authentication bypass vulnerability (CVE-2024-53704) in SonicWall firewalls is being actively exploited following the public release of a proof-of-concept exploit. The vulnerability, rated 9.3 on the CVSS scale, allows attackers to bypass authentication, emphasizing the critical need for patching.
India’s central bank, the Reserve Bank of India (RBI), is introducing an exclusive bank.in domain for banks to combat digital financial fraud. The goal is to reduce cybersecurity threats and phishing and to streamline financial services, thereby increasing trust in digital banking and payment services. The move aims to improve trust in the financial services sector through the adoption of dedicated second-level domains: bank.in and fin.in.
Multiple botnets, including FICORA (Mirai variant) and CAPSAICIN (Kaiten variant), are actively exploiting known vulnerabilities in older D-Link routers to conduct DDoS attacks and propagate malware. These botnets target vulnerabilities in the HNAP interface, allowing remote attackers to execute malicious commands. The ongoing attacks highlight the persistent risks associated with outdated and unpatched devices, emphasizing the need for users to update or replace vulnerable equipment immediately.