

CISA’s Commvault warning, updated Killnet returns, fake VPN malware
8 snips May 26, 2025
CISA has alerted Commvault clients about a concerning campaign that targets cloud applications. The Russian hacker group Killnet makes a comeback with a revised strategy. Additionally, fake VPNs and browser installers are now being used to deploy Winos 4.0 malware, highlighting the evolving threat landscape. Tune in to discover how these developments impact cybersecurity.
Commvault Cloud Application Vulnerability
- CISA warns that hackers exploit default settings and elevated permissions in Commvault's cloud applications.
- Attackers accessed client secrets, posing broad risk to Commvault's M365 backup solution Metallic.
KillNet's Shift in Motives
- KillNet's return seems driven by reputation and profit, and less by ideological motivation.
- Their activity aligns with Russian propaganda efforts around Victory Day in May 2025.
Fake Installers Deliver Winos Malware
- Malware campaign uses fake VPN and browser installers to deliver Winos 4.0, targeting Chinese-speaking environments.
- The attacks demonstrate careful, long-term planning by a skilled threat actor.