October 12, 2023 at 03:16PM Unpatched WS_FTP servers exposed to the internet are being targeted by ransomware attacks. The Reichsadler Cybercrime Group attempted to deploy ransomware on these servers using a stolen LockBit 3.0 builder. Although some servers have not been patched, the attempt to encrypt data was unsuccessful, although a $500 ransom demand was … Read more
October 11, 2023 at 10:35AM A Chinese-backed threat group, known as Storm-0062 or DarkShadow, has been exploiting a zero-day vulnerability in Atlassian Confluence Data Center and Server since September 2023. Microsoft has shared more information about the group’s involvement and identified four offending IP addresses. The vulnerability allows the group to create arbitrary administrator accounts. … Read more
October 11, 2023 at 08:42AM Protect AI, the maker of Huntr, a bug bounty program for open source software, has licensed three of its AI/ML security tools under the permissive Apache 2.0 terms. The first tool, NB Defense, helps protect machine learning projects in Jupyter Notebooks. The second tool, ModelScan, scans ML models for attacks … Read more
October 11, 2023 at 03:12AM Microsoft has released its October 2023 Patch Tuesday updates, addressing 103 flaws, two of which are actively being exploited. Among the vulnerabilities are information disclosure in Microsoft WordPad and privilege escalation in Skype for Business. Microsoft also fixed flaws in Microsoft Message Queuing and Layer 2 Tunneling Protocol. Additionally, Microsoft … Read more
October 11, 2023 at 12:30AM Microsoft has identified a critical flaw in Atlassian Confluence Data Center and Server that is being exploited by a nation-state actor called Storm-0062. The vulnerability, known as CVE-2023-22515, allows attackers to create unauthorized administrator accounts. Atlassian has been made aware of the issue and advises users to upgrade to the … Read more
October 10, 2023 at 05:21PM Apple has addressed two security issues in their products. The first issue, identified as CVE-2023-42824, could allow a local attacker to elevate their privileges. It may have been actively exploited on iOS versions prior to iOS 16.6. The second issue, identified as CVE-2023-5217, involves a buffer overflow that could lead … Read more
October 10, 2023 at 01:12PM Adobe has released patches for 13 security vulnerabilities in its products. Critical flaws in Adobe Commerce and Photoshop require immediate attention. The flaws could lead to arbitrary code execution, privilege escalation, and denial-of-service attacks. The affected software versions include Adobe Commerce and Magento Open Source. Adobe has also fixed a … Read more
October 10, 2023 at 04:07PM Microsoft has released a new security update (CVE-2023-36434) to address a critical vulnerability in Microsoft Exchange Server (CVE-2023-21709). The update eliminates the need for additional steps and manual removal of a vulnerable Windows IIS Token Cache module. Admins who have already removed the module must install the new security update … Read more
October 9, 2023 at 04:11PM Proof-of-concept (PoC) exploits for the critical buffer overflow vulnerability in the GNU C Library (glibc) have been developed, putting Linux systems at risk. The flaw, disclosed by Qualys researchers, could lead to unauthorized data access and system alterations, potentially granting attackers root privileges. Linux root takeovers are highly dangerous as … Read more