Recent Security News
-
Citrix warns admins to kill NetScaler user sessions to block hackers
November 21, 2023 at 11:41AM Admins who have patched their NetScaler appliances against the Citrix Bleed vulnerability must take additional measures to secure their devices. Citrix advises wiping all previous user sessions and terminating active ones to prevent attackers from accessing compromised devices. The flaw has been actively exploited since late August, and compromised sessions…
-
Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto
November 21, 2023 at 11:39AM Attackers are exploiting a critical remote code execution vulnerability in Apache ActiveMQ to target Linux systems with a cryptocurrency miner. The malware, known as Kinsing, infects vulnerable systems and deploys a cryptocurrency-mining script that drains resources. The flaw, tracked as CVE-2023-46604, allows remote attackers to execute arbitrary commands on affected…
-
Sumo Logic wrestles with security breach, pins down customer data
November 21, 2023 at 11:38AM Sumo Logic has confirmed that no customer data was compromised in a potential security breach. The company discovered unauthorized access to one of its AWS accounts but quickly secured the infrastructure and rotated customer credentials as a precaution. Sumo Logic will undertake further evaluation to prevent future incidents. Key takeaways…
-
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
November 21, 2023 at 11:29AM This joint Cybersecurity Advisory (CSA) aims to provide network defenders with information about the LockBit 3.0 ransomware and its exploitation of the CVE-2023-4966 vulnerability affecting Citrix NetScaler web application delivery control (ADC) and NetScaler Gateway appliances. The CSA includes tactics, techniques, and indicators of compromise (IOCs) obtained from various organizations,…
-
DarkGate and Pikabot malware emerge as Qakbot’s successors
November 21, 2023 at 10:56AM A sophisticated phishing campaign using DarkGate and PikaBot malware is posing a significant threat to organizations. The campaign began after the takedown of the Qakbot operation and is considered one of the most advanced since then. The attackers employ tactics similar to the previous Qakbot campaigns, indicating a shift to…