Security News

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making it the latest malware to adopt the cross-platform programming language after BlackCat, Hive, Luna, and RansomExx. A previous version of the ransomware, written in Go and customized for each victim, singled out healthcare and education sectors in countries like Indonesia, Saudi Arabia, South Africa, and Thailand.

Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958, the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation Security Mechanism.

VMware released security updates to address a critical-severity vulnerability impacting ESXi, Workstation, Fusion, and Cloud Foundation, and a critical-severity command injection flaw affecting vRealize Network Insight.The VMware ESXi heap out-of-bounds write vulnerability is tracked as CVE-2022-31705 and has received a CVSS v3 severity rating of 9.3.

The China-linked crime gang APT5 is already attacking a flaw in Citrix's Application Delivery Controller and Gateway products that the vendor patched today. Citrix says the flaw, CVE-2022-27518, "Could allow an unauthenticated remote attacker to perform arbitrary code execution on the appliance" if it is configured as a SAML service provider or identity provider.

Citrix strongly urges admins to apply security updates for an 'Critical' zero-day vulnerability in Citrix ADC and Gateway that is actively exploited by state-sponsored hackers to gain access to corporate networks. Citrix ADC and Citrix Gateway version 13.1 are not affected by CVE-2022-27518, so upgrading to it solves the security problem.

Citrix is strongly urging admins to apply security updates for an actively exploited 'Critical' zero-day vulnerability in Citrix ADC and Gateway that allows a remote attacker to take control of a device. Citrix is warning admins to install the latest update "As soon as possible" as the vulnerability is actively exploited in attacks.

A critical RCE vulnerability in Fortinet's operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, and 6.2.0 through 6.2.11.

This is where automation is critical to scale security and compliance. Automation enables compliance and security standardization.

Wazuh is a free and open source SIEM and XDR platform. The Wazuh central components analyze security data from endpoints in your infrastructure.

The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.