exploit

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

2024-02-22 at 12:31 By Zeljka Zorz

The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newer version of ScreenConnect […]

Attack velocity surges with average breakout time down to only 62 minutes

2024-02-22 at 07:31 By Help Net Security

The speed of cyberattacks continues to accelerate at an alarming rate, according to CrowdStrike. Adversaries increasingly exploit stolen credentials. The report indicates that the average

Vulnerable Fortinet Devices: Low-hanging Fruit for Threat Actors

2024-02-16 at 08:46 By cybleinc

Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure. Source: Cyble.

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)

2024-02-13 at 13:01 By Helga Labus

Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and interesting backdoor” dubbed DSLog.

CVE-2024-21893 patches and exploitation: Ivanti disclosed CVE-2024-21893 – a server-side request

SiCat: Open-source exploit finder

2024-02-12 at 06:31 By Mirko Zorz

SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to assist in cybersecurity, enabling users to search the internet for potential vulnerabilities and corresponding exploits. Akas Wisnu Aji,

Akira, LockBit actively searching for vulnerable Cisco ASA devices

2024-02-08 at 14:31 By Zeljka Zorz

Akira and LockBit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. They are targeting vulnerabilities for which patches have been made available in 2020 and 2023.

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

2024-02-07 at 12:16 By Zeljka Zorz

CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers.

About CVE-2024-21893: CVE-2024-21893 allows attackers to bypass authentication requirements and access certain restricted

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

2024-02-01 at 17:31 By Helga Labus

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation.

The FritzFrog botnet: The FritzFrog botnet, initially identified in August 2020, is

Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527)

2024-01-30 at 17:15 By neetha871ad236bd

Cyble’s Global Sensor Intelligence (CGSI) network picks up scanning attempts aiming to exploit a recent vulnerability in Atlassian Confluence. Source: Cyble.

Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527)

2024-01-30 at 16:02 By neetha871ad236bd

There is no excerpt because this is a protected post. Source: Cyble.

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

2024-01-29 at 13:31 By Helga Labus

Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins have been made public and there’s evidence of exploitation in the wild.

About CVE-2024-23897: Jenkins is a widely used Java-based open-source automation server that helps

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)

2024-01-19 at 19:49 By Zeljka Zorz

A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities

Cyble Global Sensors pick up persistent exploitation of Ivanti Connect Secure Vulnerabilities

2024-01-19 at 16:18 By cybleinc

Introduction: Cyble Global Sensor Intelligence (CGSI) has detected the continuous exploitation of recently revealed vulnerabilities in Ivanti Connect Secure (ICS), previously known as Pulse Connect Secure

Akira ransomware attackers are wiping NAS and tape backups

2024-01-12 at 16:17 By Helga Labus

“The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National Cybersecurity Center (NCSC-FI) has shared on Wednesday. NCSC-FI has received 12 reports of Akira

Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones

2023-12-28 at 14:01 By Ionut Arghire

iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices. Source: SecurityWeek.

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers

20/12/2023 at 16:02 By Helga Labus

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found.

About 8220: Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners

Russian hackers target unpatched JetBrains TeamCity servers

14/12/2023 at 16:04 By Helga Labus

Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish cybersecurity and law enforcement authorities have warned.

The targets: APT 29 (aka CozyBear, aka Midnight Blizzard), believed to be associated with

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)

14/12/2023 at 13:32 By Zeljka Zorz

Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. “Attackers aim to deploy webshells, with some cases targeting the parameter ‘fileFileName’ – a deviation from the original

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware

12/12/2023 at 17:50 By Helga Labus

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D programming language). “This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their

CISA: Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)

06/12/2023 at 17:46 By Helga Labus

Unknown attackers have leveraged a critical vulnerability (CVE-2023-26360) in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency (CISA) has shared.

About the exploited vulnerability: CVE-2023-26360 is a deserialization of untrusted data
