Recent Security News
-
Recently patched Citrix NetScaler bug exploited as zero-day since August
October 18, 2023 at 08:02AM A critical vulnerability, known as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August. The issue allows attackers to access secrets in gateways configured as authentication, authorization, and accounting (AAA) virtual servers. Citrix has released a fix and urges customers to install the…
-
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
October 18, 2023 at 08:02AM Hackers are targeting internet-exposed Jupyter Notebooks to breach servers and deploy malware, including a Linux rootkit, crypto miners, and password-stealing scripts. This new campaign, called ‘Qubitstrike,’ aims to hijack Linux servers for cryptomining and steal credentials for cloud services. The malware is hosted on codeberg.org, marking the first instance of…
-
Cybersecurity M&A Roundup for First Half of October 2023
October 18, 2023 at 07:00AM In the first half of October 2023, there were over a dozen cybersecurity-related merger and acquisition (M&A) deals announced. Some notable acquisitions include Arctic Wolf’s acquisition of Revelstoke to enhance their security orchestration capabilities, KPMG’s acquisition of IMagosoft to expand their identity and access management services, and Okta’s acquisition of…
-
Recent NetScaler Vulnerability Exploited as Zero-Day Since August
October 18, 2023 at 07:00AM A critical vulnerability (CVE-2023-4966) in Citrix NetScaler ADC and Gateway has been exploited as a zero-day since August, according to Google’s Mandiant cybersecurity unit. The flaw allows attackers to leak sensitive information without authentication. Citrix released patches on October 10 and updated their advisory to warn customers of the observed…
-
Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability
October 18, 2023 at 07:00AM Tens of thousands of Cisco devices have been hacked through a newly disclosed zero-day vulnerability, CVE-2023-20198. Cisco is working on a patch, but in the meantime, customers are advised to implement mitigations. The vulnerability allows attackers to gain elevated privileges and complete control over targeted systems. Cybersecurity companies have observed…