December 6, 2023 at 08:00AM A US government agency was attacked through a flaw in Adobe ColdFusion, identified as CVE-2023-26360, as reported by SecurityWeek. Key Takeaway from Meeting Notes: – An Adobe ColdFusion vulnerability with the identifier CVE-2023-26360 was exploited in cyberattacks targeting a US government agency. – The information regarding the exploitation of this … Read more
December 6, 2023 at 06:00AM CISA warns of a high-severity Adobe ColdFusion vulnerability (CVE-2023-26360) being actively exploited, affecting outdated versions of the software. Attackers used it for unauthorized access and code execution on government servers, installing malware, and conducting reconnaissance. Updated ColdFusion versions have fixed the flaw. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure … Read more
December 5, 2023 at 12:47PM CISA reported two server breaches at a federal agency due to an unpatched Adobe ColdFusion flaw (CVE-2023-26360). The attackers exploited the vulnerability for reconnaissance and malware deployment, but their further malicious activities were hindered. The incidents occurred months after agencies were ordered to patch the flaw, and the attackers’ identities … Read more
December 5, 2023 at 12:07PM CISA warns of ongoing attacks exploiting a critical Adobe ColdFusion vulnerability (CVE-2023-26360), despite a fix. Hackers targeted government servers, installing malware and conducting reconnaissance. Although attacks were contained, CISA stresses updating ColdFusion and enhancing security measures. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a … Read more