exploit

Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors

critical infrastructure, Cybercrime forums, exploit, Fortinet, ODIN, vulnerability /

Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors 2024-02-16 at 08:46 By cybleinc Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure. The post Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors appeared first on Cyble. This article is an excerpt from Cyble View Original Source React […]

React to this headline:

Loading spinner

Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors Read More »

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)

backdoor, Don't miss, exploit, Hot stuff, Ivanti, News, Orange Cyberdefense, vulnerability /

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893) 2024-02-13 at 13:01 By Helga Labus Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and interesting backdoor” dubbed DSLog. CVE-2024-21893 patches and exploitation Ivanti disclosed CVE-2024-21893 – a server-side request

React to this headline:

Loading spinner

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893) Read More »

SiCat: Open-source exploit finder

451 Research, Don't miss, exploit, GitHub, Hot stuff, News, open source, software /

SiCat: Open-source exploit finder 2024-02-12 at 06:31 By Mirko Zorz SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential vulnerabilities and corresponding exploits. Akas Wisnu Aji,

React to this headline:

Loading spinner

SiCat: Open-source exploit finder Read More »

Akira, LockBit actively searching for vulnerable Cisco ASA devices

Cisco, Don't miss, enterprise, exploit, GreyNoise, Hot stuff, News, Ransomware, Truesec, vulnerability /

Akira, LockBit actively searching for vulnerable Cisco ASA devices 2024-02-08 at 14:31 By Zeljka Zorz Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. They are targeting vulnerabilities for which patches have been made available in 2020 and 2023.

React to this headline:

Loading spinner

Akira, LockBit actively searching for vulnerable Cisco ASA devices Read More »

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

Don't miss, exploit, Hot stuff, Ivanti, News, Shadowserver, vulnerability /

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) 2024-02-07 at 12:16 By Zeljka Zorz CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attackers to bypass authentication requirements and access certain restricted

React to this headline:

Loading spinner

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) Read More »

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

Akamai, botnet, Don't miss, exploit, Hot stuff, Linux, Log4j, Malware, News, vulnerability /

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities 2024-02-01 at 17:31 By Helga Labus The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in August 2020, is

React to this headline:

Loading spinner

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities Read More »

Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527)

exploit, vulnerability /

Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) 2024-01-30 at 17:15 By neetha871ad236bd Cyble’s Global Sensor Intelligence (CGSI) network picks up scanning attempts aiming to exploit a recent Vulnerability in Atlassian Confluence. The post Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) appeared first on Cyble. The post Active Exploitation of Atlassian Confluence RCE Vulnerability

React to this headline:

Loading spinner

Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) Read More »

Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527)

Annoucement, exploit, vulnerability /

Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) 2024-01-30 at 16:02 By neetha871ad236bd There is no excerpt because this is a protected post. The post Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) appeared first on Cyble. The post Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) appeared first on Cyble. This

React to this headline:

Loading spinner

Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) Read More »

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

Don't miss, exploit, Hot stuff, Jenkins, News, open source, PoC, security update, SonarSource, vulnerability /

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897) 2024-01-29 at 13:31 By Helga Labus Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based open-source automation server that helps

React to this headline:

Loading spinner

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897) Read More »

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)

CISA, Don't miss, endpoint management, exploit, GreyNoise, Ivanti, News, Rapid7, vulnerability /

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) 2024-01-19 at 19:49 By Zeljka Zorz A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities

React to this headline:

Loading spinner

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) Read More »

Cyble Global Sensors pick up persistent exploitation of Ivanti Connect Secure Vulnerabilities

exploit, Malware, vulnerability /

Cyble Global Sensors pick up persistent exploitation of Ivanti Connect Secure Vulnerabilities 2024-01-19 at 16:18 By cybleinc Cyble Global Sensors pick up persistent exploitation of Ivanti Connect Secure Vulnerabilities Introduction Cyble Global Sensor Intelligence (CGSI) has detected the continuous exploitation of recently revealed vulnerabilities in Ivanti Connect Secure (ICS), previously known as Pulse Connect Secure

React to this headline:

Loading spinner

Cyble Global Sensors pick up persistent exploitation of Ivanti Connect Secure Vulnerabilities Read More »

Akira ransomware attackers are wiping NAS and tape backups

backup, Cisco, Don't miss, EU, exploit, Hot stuff, NAS, News, Ransomware, vulnerability /

Akira ransomware attackers are wiping NAS and tape backups 2024-01-12 at 16:17 By Helga Labus “The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National Cybersecurity Center (NCSC-FI) has shared on Wednesday. NCSC-FI has received 12 reports of Akira

React to this headline:

Loading spinner

Akira ransomware attackers are wiping NAS and tape backups Read More »

Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones

exploit, Featured, iOS, Mobile & Wireless, Operation Triangulation /

Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones 2023-12-28 at 14:01 By Ionut Arghire iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices. The post Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones Read More »

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers

cryptojacking, Don't miss, exploit, Hot stuff, Imperva, Malware, News, Oracle WebLogic, research, vulnerability /

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers 20/12/2023 at 16:02 By Helga Labus The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found. About 8220 Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners

React to this headline:

Loading spinner

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers Read More »

Russian hackers target unpatched JetBrains TeamCity servers

APT, CISA, cyber espionage, Don't miss, enterprise, exploit, Fortinet, Hot stuff, JetBrains, National Cyber Security Centre, News, Shadowserver, vulnerability /

Russian hackers target unpatched JetBrains TeamCity servers 14/12/2023 at 16:04 By Helga Labus Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned. The targets APT 29 (aka CozyBear, aka Midnight Blizzard), believed to be associated with

React to this headline:

Loading spinner

Russian hackers target unpatched JetBrains TeamCity servers Read More »

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)

Akamai, Apache Struts, Don't miss, exploit, Hot stuff, News, PoC, Shadowserver, vulnerability /

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164) 14/12/2023 at 13:32 By Zeljka Zorz Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. “Attackers aim to deploy webshells, with some cases targeting the parameter ‘fileFileName’ – a deviation from the original

React to this headline:

Loading spinner

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164) Read More »

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware

Cisco, Don't miss, exploit, Hot stuff, Log4j, Malware, News, North Korea, vulnerability /

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware 12/12/2023 at 17:50 By Helga Labus North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D programming language). “This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their

React to this headline:

Loading spinner

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware Read More »

CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)

Adobe ColdFusion, CISA, Don't miss, exploit, Government, Hot stuff, News, vulnerability /

CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360) 06/12/2023 at 17:46 By Helga Labus Unknown attackers have leveraged a critical vulnerability (CVE-2023-26360) in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency (CISA) has shared. About the exploited vulnerability CVE-2023-26360 is a deserialization of untrusted data

React to this headline:

Loading spinner

CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360) Read More »

Qlik Sense flaws exploited in Cactus ransomware campaign

Arctic Wolf Networks, data analytics, Don't miss, exploit, Hot stuff, News, Ransomware, security update, vulnerability /

Qlik Sense flaws exploited in Cactus ransomware campaign 01/12/2023 at 15:18 By Helga Labus Attackers are exploiting three critical vulnerabilities in internet-facing Qlik Sense instances to deliver Cactus ransomware to target organizations, Arctic Wolf researchers have warned. The exploited vulnerabilities Qlik Sense is a business intelligence and data analytics solution popular with governmental organizations and

React to this headline:

Loading spinner

Qlik Sense flaws exploited in Cactus ransomware campaign Read More »

What custom GPTs mean for the future of phishing

Artificial Intelligence, ChatGPT, code, cybersecurity, Don't miss, exploit, generative AI, hacker, Hot stuff, OpenAI, Perception Point, phishing, Video /

What custom GPTs mean for the future of phishing 30/11/2023 at 08:03 By Help Net Security OpenAI is putting more power into the hands of users of GenAI, allowing them to create their custom AI agents without writing code. These custom GPTs are the latest leap forward in the rapidly evolving AI landscape, but this

React to this headline:

Loading spinner

What custom GPTs mean for the future of phishing Read More »

Scroll to Top