Akira ransomware targets Cisco VPNs to breach organizations
Akira has been using compromised Cisco VPN accounts to breach corporate networks without needing to drop additional backdoors
Read More...
Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws
This month's Patch Tuesday fixes two zero-day vulnerabilities, with both exploited in attacks and one of them publicly disclosed
Read More...
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
The harvested data, which could also contain credentials and valuable intellectual property, is ultimately transmitted to the server in the form of a ZIP archive file
Read More...
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
CVE-2023-2640 is a high-severity (CVSS v3 score: 7.8) vulnerability in the Ubuntu Linux kernel caused by inadequate permission checks allowing a local attacker to gain elevated privileges
Read More...
Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo
If successfully exploited, could result in remote code execution on susceptible systems
Read More...
Apple fixes new zero-day used in attacks against iPhones, Macs
Attackers could exploit it on unpatched devices to modify sensitive kernel states
Read More...
Ivanti patches MobileIron zero-day bug exploited in attacks
An authentication bypass vulnerability in Ivanti EPMM allows unauthorized users to access restricted functionality or resources of the application without proper authentication
Read More...
Microsoft expands access to cloud logging data for free after Exchange hacks
Due to these discussions, Microsoft says that they are expanding access to the premium cloud logging to all customers for free
Read More...
New critical Citrix ADC and Gateway flaw exploited as zero-days
Exploits of CVE-2023-3519 on unmitigated appliances have been observed - customers urged to update vulnerable instances
Read More...
SonicWall warns admins to patch critical auth bypass bugs immediately
Successful exploitation enables unauthorized access to data that would typically be inaccessible to an attacker
Read More...