Looney Tunables bug exploited for cryptojacking
Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that h.....»»
Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open sourc.....»»
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)
CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is.....»»
Intel fixes high-severity CPU bug that causes “very strange behavior”
Among other things, bug allows code running inside a VM to crash hypervisors. Enlarge Intel on Tuesday pushed microcode updates to fix a high-severity CPU bug that has the potential to be maliciously exploited against c.....»»
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. Lace Tempest has previously exploited zero-da.....»»
Open-source vulnerability disclosure: Exploitable weak spots
Flaws in the vulnerability disclosure process of open-source projects could be exploited by attackers to harvest the information needed to launch attacks before patches are made available, Aqua Security researchers worry. The risk arises from “.....»»
Looney Tunables bug exploited for cryptojacking
Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that h.....»»
Okta breach post mortem reveals weaknesses exploited by attackers
The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our investigation into suspicious use of this account, Okta Security identified t.....»»
Week in review: Exploited Citrix Bleed vulnerability, Atlassian patches critical Confluence bug
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: AI threat landscape: Model theft and inference attacks emerge as top concerns In this Help Net Security interview, Guy Guzner, CEO at Savvy, discuss.....»»
Atlassian Confluence data-wiping vulnerability exploited
Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP add.....»»
How the world might look if animals had legal rights
Let's picture what our societies might look like if animals were granted rights against being killed, made to suffer or exploited for human gain......»»
iOS 17.1 patches these 18 security flaws
Apple has launched its first major update for all users since debuting iOS 17 in September. iOS 17.1 comes with a range of security patches and none of them were identified as exploited in the wild ahead of the fixes. more….....»»
Roundcube webmail zero-day exploited to spy on government entities (CVE-2023-5631)
The Winter Vivern APT group has been exploiting a zero-day vulnerability (CVE-2023-5631) in Roundcube webmail servers to spy on email communications of European governmental entities and a think tank, according to ESET researchers. “Exploitatio.....»»
The latest high-severity Citrix vulnerability under attack isn’t easy to fix
If you run a Netscaler ADC or Gateway, assume it's compromised and take action ... fast. Enlarge (credit: Getty Images) A critical vulnerability that hackers have exploited since August, which allows them to bypass multi.....»»
Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966)
A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability (CVE-2023-4966) has been exploited by attackers in the wild since late August 2023, Mandiant researchers have revealed. About CVE-2023-4966 Citrix’s security a.....»»
Cisco IOS XE zero-day exploited by attackers to deliver implant (CVE-2023-20198)
A previously unknown vulnerability (CVE-2023-20198) affecting networking devices running Cisco IOS XE software is being exploited by a threat actor to take control of the devices and install an implant, Cisco Talos researchers have warned today. Abou.....»»
Actively exploited Cisco 0-day with maximum 10 severity gives full network control
An unknown threat actor is exploiting the vulnerability to create admin accounts. Enlarge / Cables run into a Cisco data switch. (credit: Getty Images) Cisco is urging customers to protect their devices following the dis.....»»
Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)
Cloudflare, Google, and Amazon AWS revealed that a zero-day vulnerability in the HTTP/2 protocol has been used to mount massive, high-volume DDoS attacks, which they dubbed HTTP/2 Rapid Reset. Decoding HTTP/2 Rapid Reset (CVE-2023-44487) In late Augu.....»»
Qualcomm patches 3 actively exploited zero-days
Qualcomm has fixed three actively exploited vulnerabilities (CVE-2023-33106, CVE-2023-33107, CVE-2023-33063) in its Adreno GPU and Compute DSP drivers. Vulnerabilities exploited in Qualcomm GPU and DSP drivers The US-based semiconductor company has b.....»»
Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)
A vulnerability (CVE-2023-4211) in the kernel drivers for several Mali GPUs “may be under limited, targeted exploitation,” British semiconductor manufacturer Arm has confirmed on Monday, when it released drivers updated with patches. Arm&.....»»
Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept cod.....»»