Recent Security News

  • US cybercops urge admins to patch amid ongoing Confluence chaos

    October 17, 2023 at 09:06AM US authorities have urged network admins to patch a critical vulnerability in Atlassian Confluence Data Center and Server due to ongoing nation-state exploitation. The potential consequences of the exploit are severe, as attackers could create new admin accounts for themselves. The attackers have already demonstrated sophistication by attempting to modify…

    Read More

  • October Windows Server updates cause Hyper-V VM boot issues

    October 17, 2023 at 08:37AM Hyper-V hosts running Windows Server 2019 and Windows Server 2022 are experiencing issues with virtual machines (VMs) failing to boot after installing certain Patch Tuesday updates. Uninstalling the problematic updates resolves the issue, and Microsoft has yet to acknowledge it. In the past, the company released emergency updates to fix…

    Read More

  • NSA Publishes ICS/OT Intrusion Detection Signatures and Analytics

    October 17, 2023 at 07:12AM The National Security Agency has released a repository called Elitewolf on GitHub, which contains intrusion detection signatures and analytics for hunting malicious activity in industrial control systems and operational technology environments. The release is in response to increased cyber activity targeting critical infrastructure and aims to help organizations implement continuous…

    Read More

  • US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

    October 17, 2023 at 07:12AM The US cybersecurity agency CISA, together with the FBI and MS-ISAC, has issued a warning about a zero-day vulnerability in Atlassian Confluence Data Center and Server. Tracked as CVE-2023-22515, the flaw has been exploited by a nation-state threat actor since September 14. It allows unauthorized access, creation of administrative accounts,…

    Read More

  • Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

    October 17, 2023 at 07:12AM Cisco has issued a warning about a zero-day vulnerability, CVE-2023-20198, affecting its IOS XE software. The vulnerability allows remote attackers to gain privileged access and take control of devices, potentially modifying network routing rules and exfiltrating data. Cisco has observed active exploitation of the vulnerability and is working on a…

    Read More