exploited - Security Ticks

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild

botnet, CISA, exploited, Malware & Threats, Mirai / SecurityTicks

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild 22/12/2023 at 14:46 By Eduard Kovacs CISA released ICS advisories for FXC router and QNAP NRV flaws and added them to its known exploited vulnerabilities catalog. The post CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild appeared first on […]

React to this headline:

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild Read More »

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs

Apache, exploited, Struts, Vulnerabilities / SecurityTicks

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs 15/12/2023 at 14:55 By Ionut Arghire Attackers are attempting to exploit a critical RCE flaw in Apache Struts 2 after researchers publish PoC code. The post Recent Apache Struts 2 Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Recent Apache Struts 2 Vulnerability in Attacker Crosshairs Read More »

Sophos Patches EOL Firewalls Against Exploited Vulnerability

exploited, Sophos, Vulnerabilities / SecurityTicks

Sophos Patches EOL Firewalls Against Exploited Vulnerability 13/12/2023 at 13:46 By Ionut Arghire Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit. The post Sophos Patches EOL Firewalls Against Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Sophos Patches EOL Firewalls Against Exploited Vulnerability Read More »

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes

Cisco, exploited, Vulnerabilities / SecurityTicks

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes 06/12/2023 at 19:03 By Ionut Arghire The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities. The post Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes Read More »

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks

exploited, Featured, Qlik, Ransomware / SecurityTicks

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks 30/11/2023 at 17:46 By Eduard Kovacs Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks. The post Qlik Sense Vulnerabilities Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks Read More »

Google Patches Seventh Chrome Zero-Day of 2023

Chrome, exploited, Featured, Vulnerabilities, Zero-Day / SecurityTicks

Google Patches Seventh Chrome Zero-Day of 2023 29/11/2023 at 16:46 By Ionut Arghire The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023. The post Google Patches Seventh Chrome Zero-Day of 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Google Patches Seventh Chrome Zero-Day of 2023 Read More »

Exploitation of Critical ownCloud Vulnerability Begins

exploited, Featured, Malware & Threats, ownCloud, Vulnerabilities / SecurityTicks

Exploitation of Critical ownCloud Vulnerability Begins 28/11/2023 at 18:01 By Ionut Arghire Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Exploitation of Critical ownCloud Vulnerability Begins Read More »

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA KEV, exploited, Featured, Malware & Threats, Sophos / SecurityTicks

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability 17/11/2023 at 16:20 By Eduard Kovacs CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability Read More »

Zimbra Zero-Day Exploited to Hack Government Emails

email security, exploited, Featured, Government, Malware & Threats, Zimbra / SecurityTicks

Zimbra Zero-Day Exploited to Hack Government Emails 16/11/2023 at 19:46 By Eduard Kovacs Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Zimbra Zero-Day Exploited to Hack Government Emails Read More »

CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild

DoS, exploited, Malware & Threats / SecurityTicks

CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild 09/11/2023 at 13:32 By Ionut Arghire CISA says an SLP vulnerability allowing for a DoS amplification factor of 2,000 is being exploited in attacks. The post CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild appeared first on SecurityWeek. This

React to this headline:

CISA Says SLP Vulnerability Allowing Amplified DoS Attacks Exploited in the Wild Read More »

SysAid Zero-Day Vulnerability Exploited by Ransomware Group

Cl0p, exploited, Ransomware, SysAid, Vulnerabilities, Zero-Day / SecurityTicks

SysAid Zero-Day Vulnerability Exploited by Ransomware Group 09/11/2023 at 13:32 By Eduard Kovacs CVE-2023-47246 zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates. The post SysAid Zero-Day Vulnerability Exploited by Ransomware Group appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

SysAid Zero-Day Vulnerability Exploited by Ransomware Group Read More »

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks

Cloud, cloud security, exploited, Featured, Linux / SecurityTicks

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks 06/11/2023 at 17:06 By Eduard Kovacs Glibc vulnerability affecting major Linux distributions and tracked as Looney Tunables exploited in cloud attacks by Kinsing group. The post ‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

‘Looney Tunables’ Glibc Vulnerability Exploited in Cloud Attacks Read More »

Exploitation of Critical Confluence Vulnerability Begins

Confluence, exploited, Vulnerabilities / SecurityTicks

Exploitation of Critical Confluence Vulnerability Begins 06/11/2023 at 15:47 By Ionut Arghire Threat actors have started exploiting a recent critical vulnerability in Confluence Data Center and Confluence Server. The post Exploitation of Critical Confluence Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Exploitation of Critical Confluence Vulnerability Begins Read More »

Apache ActiveMQ Vulnerability Exploited as Zero-Day

exploited, Malware & Threats, Zero-Day / SecurityTicks

Apache ActiveMQ Vulnerability Exploited as Zero-Day 04/11/2023 at 19:31 By Eduard Kovacs The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10. The post Apache ActiveMQ Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Apache ActiveMQ Vulnerability Exploited as Zero-Day Read More »

Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway

Citrix, Citrix Bleed, exploited, Malware & Threats, Vulnerabilities / SecurityTicks

Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway 01/11/2023 at 17:31 By Ionut Arghire Multiple threat actors are exploiting CVE-2023-4966, aka Citrix Bleed, a critical vulnerability in NetScaler ADC and Gateway. The post Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway Read More »

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day

exploited, Malware & Threats, Roundcube, Russia, Zero-Day / SecurityTicks

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day 25/10/2023 at 19:17 By Ionut Arghire Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments. The post Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day Read More »

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

Cisco, exploited, Malware & Threats, Vulnerabilities / SecurityTicks

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000 19/10/2023 at 14:01 By Eduard Kovacs The number of Cisco devices hacked via the CVE-2023-20198 zero-day has reached 40,000, including many in the US. The post Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000 appeared first on SecurityWeek. This article is

React to this headline:

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000 Read More »

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

Citrix, exploited, Featured, Vulnerabilities, Zero-Day / SecurityTicks

Recent NetScaler Vulnerability Exploited as Zero-Day Since August 18/10/2023 at 14:01 By Ionut Arghire Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August. The post Recent NetScaler Vulnerability Exploited as Zero-Day Since August appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Recent NetScaler Vulnerability Exploited as Zero-Day Since August Read More »

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

Atlassian, CISA, exploited, Vulnerabilities / SecurityTicks

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability 17/10/2023 at 14:16 By Ionut Arghire CISA, FBI, and MS-ISAC warn of potential widespread exploitation of CVE-2023-22515, a critical vulnerability in Atlassian Confluence. The post US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability Read More »

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Cisco, exploited, Featured, Vulnerabilities, Zero-Day / SecurityTicks

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability 17/10/2023 at 14:16 By Eduard Kovacs Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices. The post Cisco Devices Hacked via IOS XE Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability Read More »