October 12, 2023 at 03:16PM Unpatched WS_FTP servers exposed to the internet are being targeted by ransomware attacks. The Reichsadler Cybercrime Group attempted to deploy ransomware on these servers using a stolen LockBit 3.0 builder. Although some servers have not been patched, the attempt to encrypt data was unsuccessful, although a $500 ransom demand was … Read more
October 12, 2023 at 10:21AM Apple has released iOS and iPadOS updates to patch a kernel vulnerability (CVE-2023-42824) that has been actively exploited in attacks. The flaw is a local privilege escalation issue, indicating it may have been used as part of an exploit chain. Although Apple has not provided details about the attacks or … Read more
October 12, 2023 at 01:01AM Patches have been released for two security flaws in the Curl data transfer library. The more severe vulnerability, labeled CVE-2023-38545, allows for code execution and is considered one of the worst security flaws in Curl in a long time. The other vulnerability, CVE-2023-38546, enables cookie injection. Both flaws have been … Read more
October 11, 2023 at 10:07AM Citrix has released patches for a critical vulnerability in NetScaler Application Delivery Controller (ADC) and NetScaler Gateway. The vulnerability, CVE-2023-4966, could lead to sensitive information disclosure and can be exploited without authentication. Citrix advises customers to upgrade their appliances to the supported versions. The company has also addressed a denial-of-service … Read more
October 11, 2023 at 08:54AM The US Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities catalog. The vulnerability, tracked as CVE-2023-21608, is a use-after-free bug that allows for remote code execution. Adobe released a patch for the flaw in January 2023, but details … Read more
October 10, 2023 at 07:54PM Researchers at Microsoft have identified a known nation-state threat actor, referred to as Storm-0062, as responsible for the recent zero-day exploits targeting Atlassian’s Confluence Data Center and Server products. The malicious activity had been ongoing since September 14, before Atlassian publicly disclosed the issue. Microsoft has provided IP addresses related … Read more
October 10, 2023 at 04:07PM Microsoft has released a new security update (CVE-2023-36434) to address a critical vulnerability in Microsoft Exchange Server (CVE-2023-21709). The update eliminates the need for additional steps and manual removal of a vulnerable Windows IIS Token Cache module. Admins who have already removed the module must install the new security update … Read more