Exploited Vulnerabilities Can Take Months to Make KEV List

November 20, 2023 at 06:40PM The Cybersecurity and Infrastructure Security Agency (CISA) has been criticized for delays in updating its Known Exploited Vulnerabilities (KEV) catalog. The catalog, which lists vulnerabilities that attackers are actively exploiting, often lags behind public disclosure of vulnerabilities and the release of proof-of-concept (PoC) code. CISA’s requirement for clear remediation guidance …

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

November 17, 2023 at 08:09AM The US cybersecurity agency CISA has added vulnerabilities from Sophos, Oracle, and Microsoft to its Known Exploited Vulnerabilities (KEV) catalog. The Sophos flaw, CVE-2023-1671, has been exploited in attacks and allows for arbitrary code execution. There have been reports of Chinese threat actors exploiting Sophos vulnerabilities. CISA’s KEV list also …

Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

November 10, 2023 at 05:23AM Cerber ransomware has been exploiting the Atlassian Confluence vulnerability CVE-2023-22518. The vulnerability allows unauthorized users to reset and create a Confluence instance administrator account, granting them full admin privileges. Cerber previously targeted Atlassian in 2021. The ransomware uses an encoded PowerShell command to download and execute a remote payload, encrypting …

MOVEit cybercriminals unearth fresh zero-day to exploit on-prem SysAid hosts

November 9, 2023 at 07:40AM Cybercriminals associated with the Cl0p ransomware gang, known as Lace Tempest, have exploited a zero-day vulnerability in on-prem versions of IT service and help desk software SysAid. Microsoft’s Threat Intelligence discovered the exploits and reported them to SysAid, who promptly released patches. The attackers used a new path traversal vulnerability …

Chrome 119 Patches 15 Vulnerabilities

November 1, 2023 at 10:23AM Google has released Chrome version 119, which includes patches for 15 vulnerabilities, with 13 of them reported by external researchers. Three bugs are rated as ‘high severity.’ Google has awarded $16,000 and $11,000 for the first two bugs respectively, with the amount for the third bug yet to be determined. …

Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023

October 26, 2023 at 12:57PM Hackers at the Pwn2Own Toronto 2023 competition earned a total of $350,000 in rewards on the second day. Devices such as NAS devices, printers, smart speakers, mobile phones, and routers were successfully exploited. The highest reward of $100,000 went to Chris Anastasio for vulnerabilities in the TP-Link Omada Gigabit router …

Unraveling Real-Life Attack Paths – Key Lessons Learned

October 18, 2023 at 08:15AM Attackers in the cybersecurity landscape are constantly searching for vulnerabilities and exploit combinations within organizational environments. Security tools often fail to prioritize threats effectively and provide context on how issues can be leveraged by attackers. Real-life attack path scenarios reveal that 75% of critical assets can be compromised in their …

A Frontline Report of Chinese Threat Actor Tactics and Techniques

October 11, 2023 at 12:09AM Microsoft analysts and researchers analyze trillions of signals daily to uncover emerging threats and provide timely security insights. They focus on nation-state groups to understand their activities within geopolitical trends. With the shift to remote work due to COVID-19, cybercriminals are exploiting system vulnerabilities and misconfigurations to access sensitive resources …

Mirai DDoS malware variant expands targets with 13 router exploits

October 10, 2023 at 04:36PM The Mirai-based DDoS malware botnet known as IZ1H9 has expanded its targets to include Linux-based routers and routers from brands like D-Link, Zyxel, TP-Link, and TOTOLINK. Fortinet researchers have observed high exploitation rates in September, with tens of thousands of attempts on vulnerable devices. IZ1H9 compromises devices, enlists them in …

Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal

October 10, 2023 at 11:54AM A variant of the Mirai botnet, known as IZ1H9, has updated its tools with 13 new exploits targeting vulnerabilities in IoT devices from various manufacturers, including D-Link, TP-Link, Zyxel, and others. This variant is highly active in exploiting these vulnerabilities for distributed denial-of-service (DDoS) attacks. Fortinet observed thousands of attack …