October 17, 2023 at 09:06AM US authorities have urged network admins to patch a critical vulnerability in Atlassian Confluence Data Center and Server due to ongoing nation-state exploitation. The potential consequences of the exploit are severe, as attackers could create new admin accounts for themselves. The attackers have already demonstrated sophistication by attempting to modify … Read more
October 17, 2023 at 07:12AM Cisco has issued a warning about a zero-day vulnerability, CVE-2023-20198, affecting its IOS XE software. The vulnerability allows remote attackers to gain privileged access and take control of devices, potentially modifying network routing rules and exfiltrating data. Cisco has observed active exploitation of the vulnerability and is working on a … Read more
October 17, 2023 at 02:09AM Between May and September 2023, at least 11 telecommunication service providers in Ukraine were targeted by threat actors. The attacks, carried out under the name UAC-0165, caused service interruptions for customers. The attackers used reconnaissance and exploitation techniques from previously compromised servers, employing specialized programs for credential theft and remote … Read more
October 17, 2023 at 01:03AM Cisco has issued a warning about a critical security flaw in its IOS XE software that is being actively exploited. The vulnerability, assigned as CVE-2023-20198, allows remote attackers to create an account with high-level access and gain control of affected systems. The flaw only affects enterprise networking gear with the … Read more
October 12, 2023 at 07:46PM The US government has updated the list of tools used by AvosLocker ransomware affiliates in attacks to include open-source utilities and custom PowerShell and batch scripts. The FBI and CISA have shared a YARA rule for detecting malware disguised as a legitimate network monitoring tool. AvosLocker affiliates use legitimate software … Read more