Security News
Ivanti has disclosed yet another security flaw impacting Endpoint Manager Mobile, formerly known as MobileIron Core, that it said has been weaponized as part of an exploit chain by malicious actors in the wild. "This vulnerability can be used in conjunction with CVE-2023-35078, bypassing administrator authentication and ACLs restrictions."
Ivanti released security patches for the path traversal flaw tracked as CVE-2023-35081 today and warned customers that it's "Critical" to upgrade as soon as possible to secure vulnerable appliances against attacks. In light of this, admins and security teams should immediately upgrade their Ivanti EPMM installations to the latest version to protect them from potential attacks.
What we found is an attack scenario that results from chaining security issues found on different Porsche's assets, a website and a GraphQL API, that could lead to data exfiltration. Typically, to be able to perpetrate a CSRF attack from an attacker's-controlled website the victims' web browsers must automatically include the jwtToken cookie in the API requests.
Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers. [...]
The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a cyber attack within four days of identifying that...
A new 'Nitrogen' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads. [...]
Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence tool dubbed FraudGPT on various dark web marketplaces and Telegram channels."This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear phishing emails, creating cracking tools, carding, etc.," Netenrich security researcher Rakesh Krishnan said in a report published Tuesday.
Several UK NHS ambulance organizations have been struggling to record patient data and pass it to other providers following a cyber-attack aimed at health software company Ortivus. In a statement, the Sweden-headquartered software vendor said it was subject to a cyber-attack on July 18 which hit UK customer systems within its hosted datacenter environment.
Ivanti has also confirmed that the bug is actively exploited in attacks and warned customers that it's critical to "Immediately take action" to ensure their systems are fully protected. U.S. Federal Civilian Executive Branch Agencies have a three-week deadline, until August 15th, to secure their devices against attacks targeting the CVE-2023-35078 flaw, which was added to CISA's list of Known Exploited Vulnerabilities on Tuesday.
Inventive attackers are specifically targeting Mac systems, as seen with the "Geacon" Cobalt Strike tool attack. To understand the state of cybersecurity on the Mac, the Moonlock team, a dedicated group of MacPaw's researchers and engineers focused on the cybersecurity needs of Mac users, conducted a survey.