October 13, 2023 at 10:57AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared new details about vulnerabilities exploited by ransomware groups in order to help critical infrastructure organizations defend against attacks. Through its Ransomware Vulnerability Warning Pilot program, CISA has identified over 800 vulnerable systems frequently targeted by ransomware operations. CISA has also … Read more
October 13, 2023 at 10:12AM The US cybersecurity agency CISA has released two new resources to help organizations identify and eliminate security flaws targeted by ransomware groups. The resources include a column in the Known Exploited Vulnerabilities catalog that flags flaws associated with ransomware campaigns, and a table on the StopRansomware project’s website listing misconfigurations … Read more
October 13, 2023 at 07:06AM AvosLocker ransomware gang has been linked to recent attacks on critical infrastructure sectors in the U.S. The gang uses legitimate software and open-source remote administration tools to compromise networks and exfiltrate data. AvosLocker leverages sophisticated techniques to avoid detection and affects Windows, Linux, and VMware environments. The attacks rely on … Read more
October 12, 2023 at 07:46PM The US government has updated the list of tools used by AvosLocker ransomware affiliates in attacks to include open-source utilities and custom PowerShell and batch scripts. The FBI and CISA have shared a YARA rule for detecting malware disguised as a legitimate network monitoring tool. AvosLocker affiliates use legitimate software … Read more
October 12, 2023 at 12:46PM Apple has released security updates for older iPhones and iPads to address two zero-day vulnerabilities that were being exploited in attacks. The first vulnerability allows local attackers to elevate privileges on vulnerable devices, while the second vulnerability could allow threat actors to execute arbitrary code. Although Apple has not confirmed … Read more
October 11, 2023 at 02:20PM The Cybersecurity Infrastructure & Security Agency (CISA) has added an Adobe Acrobat Reader bug to its list of exploited vulnerabilities. The bug (CVE-2023-21608) exists in multiple versions of Adobe Acrobat and Reader and allows remote execution of malicious code. CISA advises users to update their software, which was patched in … Read more
October 11, 2023 at 08:24AM Tech companies including Cloudflare, AWS, and Google have responded to the HTTP/2 zero-day vulnerability that led to massive distributed denial-of-service attacks. The attacks exploited the HTTP/2 Rapid Reset feature, resulting in servers being taken down. Organizations like CISA, Microsoft, NGINX, F5, Netty, Apache, Swift, and Linux distributions have issued advisories … Read more
October 11, 2023 at 06:42AM The US Cybersecurity and Infrastructure Security Agency (CISA) has added five security vulnerabilities to its Known Exploited Vulnerabilities catalog. These include an Adobe Acrobat and Reader flaw that can be exploited for remote code execution, an out-of-bounds write flaw in Cisco IOS and IOS XE, two zero-days impacting Skype for … Read more
October 10, 2023 at 09:54AM A new zero-day vulnerability called ‘HTTP/2 Rapid Reset’ has been exploited by malicious actors to launch massive distributed denial-of-service (DDoS) attacks. Cloudflare, Google, and AWS have all experienced record-breaking attacks, with the largest reaching 398 million requests per second. The attacks leverage a feature in the HTTP/2 protocol and have … Read more