Exploited Vulnerabilities Can Take Months to Make KEV List

November 20, 2023 at 06:40PM The Cybersecurity and Infrastructure Security Agency (CISA) has been criticized for delays in updating its Known Exploited Vulnerabilities (KEV) catalog. The catalog, which lists vulnerabilities that attackers are actively exploiting, often lags behind public disclosure of vulnerabilities and the release of proof-of-concept (PoC) code. CISA’s requirement for clear remediation guidance …

CISA warns of actively exploited Windows, Sophos, and Oracle bugs

November 17, 2023 at 09:15AM The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security issues affecting Microsoft devices, a Sophos product, and an Oracle solution to its known exploited vulnerabilities catalog. CISA advises federal agencies to install available security updates for these vulnerabilities by December 7. The three vulnerabilities are listed as …

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

November 17, 2023 at 08:09AM The US cybersecurity agency CISA has added vulnerabilities from Sophos, Oracle, and Microsoft to its Known Exploited Vulnerabilities (KEV) catalog. The Sophos flaw, CVE-2023-1671, has been exploited in attacks and allows for arbitrary code execution. There have been reports of Chinese threat actors exploiting Sophos vulnerabilities. CISA’s KEV list also …

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

November 17, 2023 at 01:06AM The U.S. CISA has added three security flaws to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. The vulnerabilities include a Microsoft Windows security bypass, a Sophos command injection, and an unspecified Oracle vulnerability. A critical command injection bug has also been disclosed in FortiSIEM report server. …

MySQL servers targeted by ‘Ddostf’ DDoS-as-a-Service botnet

November 16, 2023 at 03:16PM Researchers at AhnLab Security Emergency Response Center (ASEC) have discovered a new campaign targeting MySQL servers with the ‘Ddostf’ malware botnet. The attackers exploit vulnerabilities or weak credentials to gain access to the servers and use user-defined functions (UDFs) to execute commands. The primary payload is the Ddostf bot client, …

Unpatched Critical Vulnerabilities Open AI Models to Takeover

November 16, 2023 at 12:49PM Researchers have discovered critical vulnerabilities in the infrastructure used for AI models, putting companies at risk. The affected platforms include Ray, MLflow, ModelDB, and H2O version 3. These vulnerabilities could potentially give unauthorized access to AI models and the rest of the network. Protect AI disclosed the results and informed …

Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw

November 15, 2023 at 02:32PM Citrix has released hotfixes for two vulnerabilities affecting Citrix Hypervisor. One of the vulnerabilities, known as “Reptar,” affects Intel CPUs and can lead to system instability, crashes, or privilege escalation. The other vulnerability allows malicious code in a guest virtual machine to compromise an AMD-based host. Instructions on applying the …

Google Workspace weaknesses allow plaintext password theft

November 15, 2023 at 01:36PM Researchers at Bitdefender have identified weaknesses in Google Workspace that could potentially lead to ransomware attacks, data exfiltration, and password decryption. These vulnerabilities could also be used to access Google Cloud Platform with custom permissions and propagate from one machine to another. Google has stated that these weaknesses are outside …

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

November 15, 2023 at 01:15AM Microsoft has released patches to address 63 security bugs, including three actively exploited vulnerabilities. The flaws are rated as Critical, Important, and Moderate in severity. Five zero-day vulnerabilities are identified, including issues with Windows SmartScreen and ASP.NET Core. The U.S. Cybersecurity and Infrastructure Security Agency has issued a warning and …

Another month, another bunch of fixes for Microsoft security bugs exploited in the wild

November 14, 2023 at 07:42PM Microsoft’s November Patch Tuesday fixes around 60 vulnerabilities, including three that have already been exploited. These include privilege-escalation vulnerabilities in Windows Desktop Manager and Windows Cloud Files Mini Filter Driver, as well as a security feature bypass flaw in Windows Defender SmartScreen. Additionally, Adobe patched 76 vulnerabilities across its products, …