Russian hackers exploiting Outlook bug to hijack Exchange accounts

December 4, 2023 at 03:19PM

Microsoft warns of APT28 exploiting a critical Outlook flaw, CVE-2023-23397, to hijack Exchange accounts, targeting governmental and key sectors in the US, Europe, and the Middle East. The attacks, using various vulnerabilities, have been ongoing since April 2022. Urgent mitigation includes applying security updates and enabling MFA. Meeting Takeaways: 1. …

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

November 30, 2023 at 11:36PM

Apple rolled out updates for iOS, iPadOS, macOS, and Safari to fix two actively exploited WebKit vulnerabilities. These flaws could potentially leak sensitive data and enable arbitrary code execution. The affected versions precede iOS 16.7.1, and all WebKit-based browsers on Apple devices are impacted. Devices from iPhone XS and certain …

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

November 29, 2023 at 12:18AM

Google patched seven Chrome security issues, including an actively exploited zero-day (CVE-2023-6345) in the Skia graphics library. Users should update to the latest version to prevent potential threats. This marks the sixth zero-day patched in 2023. Chromium-based browser users should also update. Meeting Takeaways: 1. Google has issued security updates …

Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

November 9, 2023 at 09:33AM

Threat actors are exploiting a zero-day vulnerability in SysAid software to gain unauthorized access to corporate servers for data theft and ransomware deployment. The vulnerability, currently known as CVE-2023-47246, was used by a threat actor group called Lace Tempest to deploy Clop ransomware. SysAid has developed a patch and urges …

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day

October 25, 2023 at 12:16PM

Winter Vivern, a Russia-linked advanced persistent threat (APT) actor, has been exploiting a zero-day vulnerability in the Roundcube webmail server to target government entities and a think tank in Europe. Winter Vivern, also known as TA473, focuses on espionage and has previously targeted NATO countries. It has been targeting email …

Cyberattackers Alter Implant on 30K Compromised Cisco IOS XE Devices

October 23, 2023 at 05:07PM

Security researchers have observed a sharp decline in the number of infected Cisco IOS XE systems over the weekend. The reason behind this decline is that the attacker altered the implant, making it no longer visible via previous fingerprinting methods. However, nearly 38,000 devices remain compromised if one knows how …

Cisco patches IOS XE zero-days used to hack over 50,000 devices

October 23, 2023 at 10:09AM

Cisco has released a free software update to address two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise over 50,000 IOS XE devices. The first fixed release available is 17.9.4a, with updates for other releases to be disclosed later. The vulnerabilities are in the web UI of Cisco devices …

US cybercops urge admins to patch amid ongoing Confluence chaos

October 17, 2023 at 09:06AM

US authorities have urged network admins to patch a critical vulnerability in Atlassian Confluence Data Center and Server due to ongoing nation-state exploitation. The potential consequences of the exploit are severe, as attackers could create new admin accounts for themselves. The attackers have already demonstrated sophistication by attempting to modify …

WordPress Websites Hacked via Royal Elementor Plugin Zero-Day

October 17, 2023 at 05:54AM

Researchers have discovered a critical vulnerability in the Royal Elementor Addons and Templates WordPress plugin that has been exploited for over a month. The bug allows attackers to upload arbitrary files to vulnerable sites, leading to remote code execution. The vulnerability has been targeted in over 46,000 attacks, with most …