October 19, 2023 at 04:33PM North Korean state-backed threat groups, Diamond Sleet and Onyx Sleet, are exploiting a critical vulnerability in JetBrains TeamCity server to carry out cyber espionage, data theft, and other malicious activities. Over 30,000 organizations, including Citibank, Nike, and Ferrari, use TeamCity. The vulnerability allows attackers to gain administrative privileges and execute … Read more
October 18, 2023 at 07:00AM A critical vulnerability (CVE-2023-4966) in Citrix NetScaler ADC and Gateway has been exploited as a zero-day since August, according to Google’s Mandiant cybersecurity unit. The flaw allows attackers to leak sensitive information without authentication. Citrix released patches on October 10 and updated their advisory to warn customers of the observed … Read more
October 16, 2023 at 11:08AM CISA, FBI, and MS-ISAC have issued a warning to network administrators to immediately patch their Atlassian Confluence servers due to a critical privilege escalation flaw (CVE-2023-22515) that is actively being exploited. The flaw affects Confluence Data Center and Server 8.0.0 and later versions. Atlassian has released security updates and advised … Read more
October 16, 2023 at 10:46AM The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint Cybersecurity Advisory (CSA) about the active exploitation of CVE-2023-22515, a vulnerability in Atlassian Confluence Data Center and Server. This vulnerability allows cyber threat actors to gain … Read more
October 11, 2023 at 12:06PM Patches have been released for a critical memory corruption vulnerability in the cURL data transfer project. The flaw, tracked as CVE-2023-38545, affects the SOCKS5 proxy handshake process in cURL, allowing remote exploitation in certain configurations. The bug can lead to heap buffer overflow, and affected versions are 7.69.0 to 8.3.0. … Read more