Google fixes one more Chrome zero-day exploited at Pwn2Own

April 3, 2024 at 12:40PM Google has resolved a zero-day vulnerability in Chrome, tracked as CVE-2024-3159, stemming from an out-of-bounds read weakness in the Chrome V8 JavaScript engine. The flaw allowed remote attackers to gain unauthorized access to data or trigger a crash. Google also addressed two other Chrome zero-days and two Android zero-days, underscoring …

Russian APT ‘Winter Vivern’ Targets European Government, Military

February 17, 2024 at 03:07AM Winter Vivern, a Russia-aligned threat group, exploited cross-site scripting vulnerabilities in Roundcube webmail servers across Europe, primarily targeting government, military, and national infrastructure in Georgia, Poland, and Ukraine. Using social engineering techniques and a zero-day exploit, they gained unauthorized access to mail servers, potentially for cyber-espionage serving the interests of …

New critical Microsoft Outlook RCE bug is trivial to exploit

February 14, 2024 at 05:02PM Microsoft has identified a critical security vulnerability in Outlook, CVE-2024-21413, that remote unauthenticated attackers can exploit to achieve remote code execution and steal NTLM credentials. The flaw bypasses Protected View and can be exploited through the Preview Pane, affecting multiple Office products. Check Point revealed a …

Ivanti releases patches for VPN zero-days, discloses two more high-severity vulns

January 31, 2024 at 10:49AM Ivanti has released the first round of patches for Connect Secure and Policy Secure gateways, addressing two zero-day vulnerabilities. Admins are advised to apply the patches and factory-reset devices as a precaution. This comes after delayed releases and growing exploitation. Customers should monitor and apply mitigations as patches continue to …

Chinese Spies Exploited Critical VMware Bug for Nearly 2 Years

January 22, 2024 at 05:12PM A critical VMware vulnerability, CVE-2023-34048, had been exploited as a zero-day by a Chinese APT, UNC3886, since late 2021. The group used it to gain remote code-execution capabilities and compromise ESXi hosts. Organizations must ensure patching was effective, as many may still be vulnerable due to various challenges in deploying patches. …

Google Warns of Chrome Browser Zero-Day Being Exploited

January 16, 2024 at 04:24PM Google has released an urgent Chrome browser update to address three high-severity security flaws, warning that one is currently being exploited in the wild. The exploited zero-day, CVE-2024-0519, is an out-of-bounds memory access issue in the V8 JavaScript engine. The update also covers two additional high-risk memory safety issues. This …

Ivanti warns of Connect Secure zero-days exploited in attacks

January 10, 2024 at 01:59PM Ivanti has disclosed two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure products. The CVE-2023-46805 flaw bypasses authentication, while CVE-2024-21887 allows arbitrary command execution. Chaining the two enables attackers to run commands without authentication. Ivanti is working on patches, with mitigation available until then. The company reports limited …

Google password resets not enough to stop these info-stealing malware strains

January 2, 2024 at 03:06PM Info-stealing malware can still access compromised Google accounts even after passwords are changed, due to a zero-day exploit first mentioned by the cybercriminal “PRISMA.” The exploit involves regenerating session tokens to access emails and cloud storage. CloudSEK identified the exploit in the undocumented Google OAuth endpoint “MultiLogin.” The discovery reveals …

Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts

December 29, 2023 at 11:16AM Multiple malware families are exploiting an undocumented Google OAuth endpoint called “MultiLogin” to revive expired authentication cookies and infiltrate users’ accounts. This technique allows cybercriminals to gain unauthorized access to Google accounts, even after password resets or logouts. Despite being notified, Google has not responded to inquiries about this issue. …

Hackers breach US govt agencies using Adobe ColdFusion exploit

December 5, 2023 at 12:07PM CISA warns of ongoing attacks exploiting a critical Adobe ColdFusion vulnerability (CVE-2023-26360), despite a fix. Hackers targeted government servers, installing malware and conducting reconnaissance. Although attacks were contained, CISA stresses updating ColdFusion and enhancing security measures. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a …