nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 41 of 42
CRITICAL (page) 1
HIGH (page) 3
MEDIUM (page) 0
LOW (page) 1
HIGH 90% confidence outage

Fake Incident Report Phishing Campaign

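Operators beware: fake incident reports are being used in phishing attacks; stay alert to prevent information leaks. An interesting phishing email arrived this morning, in which a fake incident report was used to lure clicks. Includes severity, confidence, and actionable response guidance for operators.

This attack exploits operators' habitual response to security incident notifications in their day-to-day work, luring them into taking quick action without careful review, which can lead to potential data leaks or system intrusion.

IT administrators, network security personnel
action items (2)
  • Raise security awareness and recognize phishing attack patterns
  • Share this information with the team and conduct training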

SANS ISC · 2026-02-20T02:29

HIGH 95% confidence outage

CISA Adds Four New Known Exploited Vulnerabilities to Catalog

CISA adds four new vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation. These include. Read full ops

The vulnerabilities listed in the KEV Catalog represent significant risks to organizations as they are actively being exploited by malicious cyber actors. CISA updates its catalog regularly based on new evidence of

Microsoft Windows, Synacor Zimbra Collaboration Suite (ZCS), TeamT5 ThreatSonar Anti-Ransomware Solution, Google Chromium
action items (3)
  • Review CISA's KEV Catalog regularly and prioritize remediation based on severity and applicability.
  • Ensure compliance with BOD 22-01 for Federal Civilian Executive Branch (FCEB) agencies, if applicable.
  • Develop a comprehensive strategy to address known exploited vulnerabilities in your environment.

CISA Current Activity · 2026-02-20T02:28

CRITICAL 95% confidence outage

China-linked Attackers Exploit Dell Zero-Day Since Mid-2024

Chinese attackers have been exploiting a severe hardcoded credential bug in Dell's RecoverPoint for Virtual Machines as a zero-day since mid-2024, deploying.

To establish long-term persistence on compromised systems

Dell RecoverPoint for Virtual Machines users
action items (2)
  • Update systems to the latest firmware and software versions
  • Conduct a thorough security audit of affected devices

The Register · 2026-02-20T02:28

LOW 95% confidence advisory

Linus Torvalds' Journey from Hobby to Global Linux Phenomenon

Linus Torvalds reflects on how his 'hobby' project grew into a global phenomenon, impacting everything from PCs and Macs to servers and embedded systems.

Understanding the historical context of Linux's growth helps operators appreciate its resilience and adaptability in modern IT environments. Community-driven development and permissive licensing facilitated rapid ad

Linux Systems, Open Source Environments
action items (2)
  • Review Linux system logs for signs of unusual activity or unauthorized changes
  • Engage with the broader Linux community through forums, mailing lists, and conferences

The Register · 2026-02-20T02:28

HIGH 90% confidence advisory

NSYSOps Intel: RMM RAT TrustConnect

Criminals create fake remote management vendor selling a backdoor disguised as legitimate software for $300 per month. Proofpoint uncovers this novel. Read fu

This threat exploits trust in established RMM solutions and introduces significant security risks such as data exfiltration, unauthorized access, and lateral movement within compromised environments. Operators must

IT Security Teams, Network Administrators, Incident Responders
action items (2)
  • Review existing policies regarding remote management tool usage and procurement.
  • Deploy network monitoring and threat detection systems that can identify anomalies related to RMM tools.

The Register · 2026-02-20 01:59