#remotecodeexecution

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure

by

January 22, 2024 at 11:06AM Attempts to exploit a critical Atlassian Confluence vulnerability, CVE-2023-22527, began shortly after its disclosure. Out-of-date versions of Confluence Data Center and Server are affected, allowing unauthenticated attackers to achieve remote code execution. The Shadowserver Foundation reported 40,000 exploitation attempts, highlighting widespread activity and the ongoing risk to vulnerable servers. Based … Read more

Hackers start exploiting critical Atlassian Confluence RCE flaw

by

January 22, 2024 at 08:45AM Security researchers detect exploitation attempts for the critical CVE-2023-22527 vulnerability affecting older Atlassian Confluence servers, potentially exposing them to remote code execution. Atlassian provides fixes for affected versions and reports multiple attempts to exploit the flaw, mainly from Russian IP addresses. Server administrators are advised to update to a secure … Read more

CISA Issues Emergency Directive on Ivanti Zero-Days

by

January 19, 2024 at 07:54PM CISA is pressuring organizations to urgently address critical vulnerabilities in Ivanti Connect Secure VPN. Agencies must apply available mitigations, remove compromised products, and report infected devices. This follows a Chinese government-backed hacking team exploiting the vulnerabilities. The company has released pre-patch mitigations, with comprehensive fixes set to begin rollout on … Read more

Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks

by

January 18, 2024 at 11:12AM The Rapid SCADA open source industrial automation platform has seven unpatched vulnerabilities, including critical and high severity ones, allowing hackers to access sensitive industrial systems, execute arbitrary code, and compromise administrator passwords. The developers have not responded to notifications or requests for comment, leaving organizations vulnerable to potential attacks. Based … Read more

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

by

January 18, 2024 at 05:03AM Multiple security vulnerabilities in the TCP/IP network protocol stack of an open-source UEFI firmware are collectively dubbed PixieFail. These issues could be exploited to achieve remote code execution, denial-of-service, DNS cache poisoning, and leakage of sensitive information. Various firms’ UEFI firmware are impacted, and the CERT Coordination Center provided advisory … Read more

Atlassian Warns of Critical RCE Vulnerability in Outdated Confluence Instances

by

January 17, 2024 at 10:30AM Atlassian warns of a critical vulnerability in out-of-date Confluence Data Center and Server versions allowing remote code execution (RCE) without authentication, with a CVE-2023-22527 (CVSS score of 10). This template injection flaw impacts Confluence 8 versions released before Dec. 5, 2023. Atlassian advises immediate patching and recommends updating to the … Read more

Citrix warns of new Netscaler zero-days exploited in attacks

by

January 16, 2024 at 03:33PM Citrix has warned customers to immediately patch their vulnerable Netscaler ADC and Gateway appliances against actively exploited zero-day vulnerabilities (CVE-2023-6548 and CVE-2023-6549). The company advises blocking network traffic to affected instances if updates cannot be deployed immediately, and separating the management interface from internet exposure to reduce the risk of … Read more

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits – Act Now

by

January 16, 2024 at 09:39AM Over 178,000 SonicWall firewalls are susceptible to two security vulnerabilities. These flaws could lead to denial-of-service conditions and remote code execution. While there’s no evidence of exploits, a proof-of-concept for one vulnerability has been released. The cybersecurity firm warns that bad actors could use these flaws to trigger repeated crashes … Read more

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation

by

January 16, 2024 at 09:12AM Quarkslab discovered multiple critical vulnerabilities in the EDK II network stack, posing a risk of remote code execution attacks. These vulnerabilities, known as PixieFAIL, affect the PXE implementation and are utilized by various vendors, including Microsoft. Quarkslab released proof-of-concept code for the vulnerabilities and anticipates the CERT Coordination Center to … Read more

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE

by

January 16, 2024 at 09:12AM Report: Many SonicWall next-generation firewall devices are unpatched for critical vulnerabilities CVE-2022-22274 and CVE-2023-0656, with potential for DoS and RCE attacks. Over 178,000 vulnerable devices found, and new PoC exploits developed. Recommendations include applying patches immediately due to known exploitation in malicious attacks. Key Takeaways from Meeting Notes: – Cybersecurity … Read more