Recent Security News
-
Cisco warns of new IOS XE zero-day actively exploited in attacks
October 16, 2023 at 11:52AM Cisco has warned administrators about a severe zero-day vulnerability in its IOS XE Software that allows attackers to gain full control of affected routers. The vulnerability, identified as CVE-2023-20198, only affects devices with the Web User Interface feature enabled and the HTTP or HTTPS Server feature toggled on. Cisco advises…
-
BLOODALCHEMY provides backdoor to southeast Asian nations’ secrets
October 16, 2023 at 11:23AM Security researchers have discovered a backdoor called “BLOODALCHEMY” that targets x86 systems and is being used in attacks against governments and organizations in the Association of Southeast Asian Nations (ASEAN). The backdoor is part of the REF5961 intrusion set, which is believed to be linked to a group with ties…
-
Fake ‘RedAlert’ rocket alert app for Israel installs Android spyware
October 16, 2023 at 11:23AM A malicious version of the ‘RedAlert – Rocket Alerts’ app is targeting Israeli Android users. The fake app, distributed from the website “redalerts[.]me,” appears legitimate but installs spyware on the device. It requests additional permissions and collects data from the user, encrypting and uploading it to a hardcoded IP address.…
-
CISA, FBI urge admins to patch Atlassian Confluence immediately
October 16, 2023 at 11:08AM CISA, FBI, and MS-ISAC have issued a warning to network administrators to immediately patch their Atlassian Confluence servers due to a critical privilege escalation flaw (CVE-2023-22515) that is actively being exploited. The flaw affects Confluence Data Center and Server 8.0.0 and later versions. Atlassian has released security updates and advised…