CISA adds Adobe ColdFusion bug to Known Exploited Vulnerabilities Catalog
Adobe released security updates for ColdFusion versions 2021 and 2018 to resolve the critical flaw CVE-2023-26360 that was exploited in limited attacks
Read More...
Emotet malware returns after a three-month break
Emotet is a notorious malware distributed through email containing malicious Microsoft Word and Excel document attachments
Read More...
Business email compromise attacks can take only a few hours
According to FBI data, from June 2016 until July 2019, BEC attacks resulted in losses amounting to over $43 billion
Read More...
The Week in Ransomware
This week was highlighted by a massive BlackBasta ransomware attack targeting DISH Network and taking down numerous subsidiaries, including SlingTV and Boost Mobile
Read More...
Six critical vulnerabilities fixed in ArubaOS
The flaws impact Aruba Mobility Conductor, Aruba Mobility Controllers, and Aruba-managed WLAN Gateways and SD-WAN Gateways
Read More...
Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries
The 41 malicious PyPI packages have been found to pose as typosquatted variants of legitimate modules such as HTTP, AIOHTTP, requests, urllib, and urllib3
Read More...
Hackers start using Havoc post-exploitation framework in attacks
It bypasses Microsoft Defender on up-to-date Windows 11 devices using sleep obfuscation, return address stack spoofing, and indirect syscalls
Read More...
Emsisoft says hackers are spoofing its certs to breach networks
The attacker's aim was to get that organization to allow an application the threat actor installed and intended to use by making its detection appear false-positive
Read More...
Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops
The addressed security problems are categorized as high-severity and could enable attackers with local access to the target to elevate their privileges and take control of the affected system
Read More...
Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws
Nine vulnerabilities have been classified as 'Critical', allowing remote code execution on vulnerable devices
Read More...