January 12, 2024 at 02:47PM CISA warned of active exploitation of critical Microsoft SharePoint vulnerabilities, including CVE-2023-29357, which allows attackers to gain admin privileges using spoofed JWT tokens. When chained with another bug, remote code execution is possible. These exploits have gained attention after a successful demo at the Pwn2Own contest, leading to the release … Read more
December 18, 2023 at 05:30AM 3CX advises customers to disable SQL database integrations due to a vulnerability impacting versions 18 and 20. Only 0.25% of users are affected, but MongoDB, MsSQL, MySQL, and PostgreSQL integrations should be disabled as a precaution. Web-based CRM integrations are not affected. No technical details on the security defect are … Read more
December 15, 2023 at 12:32PM 3CX, a VoIP company, urged customers to disable SQL Database integrations due to potential vulnerabilities. The advisory, lacking specific details, affects versions 18 and 20 of the VOIP software and advises disabling MongoDB, MsSQL, MySQL, and PostgreSQL integrations. This comes after a supply chain attack trojanized their 3CXDesktopApp in March … Read more
December 12, 2023 at 01:00AM Apache has issued a critical security advisory for a flaw in Struts 2, a Java web application framework, potentially allowing remote code execution. Tracked as CVE-2023-50164, the flaw affects various versions, with patches available for some. No workarounds exist, and upgrades to versions 2.5.33 and 6.3.0.2 or higher are highly … Read more
November 23, 2023 at 12:03AM New Relic, a web tracking and analytics company, issued a security advisory to its customers about a recent cyber security incident. The advisory urges customers to remain vigilant for suspicious activity, but provides no further details about the nature of the incident. New Relic assures customers that they will be … Read more
November 14, 2023 at 09:53AM The FBI and CISA have released guidance on the Royal ransomware operation, suggesting that it may undergo a rebrand. The agencies have observed code overlaps and similarities in intrusion techniques between Royal and BlackSuit ransomware, indicating a potential rebrand or spinoff variant. The advisory provides information on the IOCs and … Read more
November 6, 2023 at 07:52AM QNAP Systems has issued security advisories regarding two critical command injection vulnerabilities in its QTS operating system and applications for network-attached storage (NAS) devices. The flaws, tracked as CVE-2023-23368 and CVE-2023-23369, can be exploited remotely by attackers. Multiple QTS versions are affected, but fixes are available for download. Admins are … Read more