Exploit released for Veeam bug allowing cleartext credential theft
It is important to note that this vulnerability should be taken seriously, and patches should be applied as soon as possible to ensure the organization's security
Read More...
Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware
This proves that no open-source repository is safe from malicious actors.
Read More...
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to obtain access to files and credentials, escalate privileges, and remotely execute arbitrary code
Read More...
CISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities Catalog
Adobe released security updates for ColdFusion versions 2021 and 2018 to resolve the critical flaw CVE-2023-26360 that was exploited in limited attacks
Read More...
New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining
The novel Dero crypto jacking operation concentrates on locating Kubernetes clusters with anonymous access enabled on a Kubernetes API and listening on non-standard ports accessible from the internet
Read More...
Large-Scale Use of Phishing Kits Sends Millions of Emails Daily
Such attacks are more effective because they circumvent multi-factor authentication (MFA) protections
Read More...
Critical Microsoft Outlook bug is easy exploitable
The issue is a privilege escalation vulnerability with a 9.8 severity rating affecting all Microsoft Outlook versions on Windows
Read More...
Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws
Nine vulnerabilities have been classified as 'Critical' for allowing remote code execution, denial of service, or elevation of privileges attacks
Read More...
CISA adds three new bugs to Known Exploited Vulnerabilities Catalog
CISA added actively exploited flaws in Teclib GLPI, Apache Spark, and Zoho ManageEngine ADSelfService Plus to its Known Exploited Vulnerabilities Catalog
Read More...
SonicWall devices infected by malware that survives firmware upgrades
The deployed malware is customized for SonicWall devices and is used to steal user credentials, provide shell access to the attackers, and even persist through firmware upgrades
Read More...