Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately

October 23, 2023 at 02:22PM Citrix warns admins to immediately secure NetScaler ADC and Gateway appliances against ongoing attacks exploiting the CVE-2023-4966 vulnerability. The vulnerability allows unauthenticated attackers to remotely exploit systems without user interaction. Mandiant reported that threat actors have been using this zero-day vulnerability to steal authentication sessions and hijack accounts since late …

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

October 21, 2023 at 12:33AM Cisco has alerted users to a zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor. The flaw, tracked as CVE-2023-20273, allows for privilege escalation and the deployment of a malicious implant. Cisco has identified a fix and recommends disabling the HTTP server feature until …

Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw

October 19, 2023 at 12:33AM State-backed threat actors from Russia and China are exploiting a security flaw in the WinRAR archiver tool for Windows. The vulnerability (CVE-2023-38831) allows attackers to execute code when a user tries to view a benign file in a ZIP archive. The attackers include FROZENBARENTS (Sandworm), FROZENLAKE (APT28), and ISLANDDREAMS (APT40). …

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

October 18, 2023 at 01:48PM Google’s Threat Analysis Group has found that government-backed hacking groups from Russia and China are still using a security flaw in the WinRAR file archiving utility, despite patches being released three months ago. The vulnerability, which allows attackers to execute code, has been known since at least April and is …

Google links WinRAR exploitation to Russian, Chinese state hackers

October 18, 2023 at 12:49PM Google’s Threat Analysis Group has identified state-backed hacking groups, including Sandworm, APT28, and APT40, exploiting a vulnerability in WinRAR, a popular compression software. The bug allows attackers to execute arbitrary code on users’ systems. Despite a patch being available, many users remain vulnerable. The bug has been exploited since April, …

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms

October 18, 2023 at 09:15AM Citrix has issued a warning about a critical security flaw in its NetScaler ADC and Gateway appliances, known as CVE-2023-4966. The vulnerability could expose sensitive information and requires devices to be configured as a Gateway or AAA virtual server for exploitation to occur. Patches were released on October 10, 2023, …

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

October 18, 2023 at 07:00AM A critical vulnerability (CVE-2023-4966) in Citrix NetScaler ADC and Gateway has been exploited as a zero-day since August, according to Google’s Mandiant cybersecurity unit. The flaw allows attackers to leak sensitive information without authentication. Citrix released patches on October 10 and updated their advisory to warn customers of the observed …

New Admin Takeover Vulnerability Exposed in Synology’s DiskStation Manager

October 18, 2023 at 03:33AM A medium-severity flaw has been discovered in Synology’s DiskStation Manager (DSM) that could allow an attacker to remotely hijack an administrator’s account by deciphering their password. The flaw stems from the use of a weak random number generator. Synology has already addressed the issue in updates released in June 2023. …

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

October 17, 2023 at 10:51AM Two critical security flaws have been discovered in the CasaOS personal cloud software. These vulnerabilities allow attackers to bypass authentication and gain full access to the CasaOS dashboard. Additionally, attackers can exploit third-party applications to execute arbitrary commands on the system and gain persistent access. The flaws have been addressed …

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

October 17, 2023 at 07:12AM Cisco has issued a warning about a zero-day vulnerability, CVE-2023-20198, affecting its IOS XE software. The vulnerability allows remote attackers to gain privileged access and take control of devices, potentially modifying network routing rules and exfiltrating data. Cisco has observed active exploitation of the vulnerability and is working on a …