Security News

The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called...

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability to distribute malware, the Imperva Threat Research team has found. Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners on Linux and Windows hosts by exploiting known vulnerabilities.

Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans...

EOL Sophos firewalls get hotfix for old but still exploited vulnerabilityOver a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. Attackers are trying to exploit Apache Struts vulnerabilityAttackers are trying to leverage public proof-of-exploit exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2.

A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as NKN (short for New Kind of Network) as a communications...

Attackers are trying to leverage public proof-of-exploit exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. "Attackers aim to deploy webshells, with some cases targeting the parameter 'fileFileName' - a deviation from the original exploit PoC," Akamai's Security Intelligence Group flagged on Wednesday.

North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability and novel malware written in DLang. "This campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their vulnerable infrastructure to n-day vulnerability exploitation such as CVE-2021-44228. We have observed Lazarus target manufacturing, agricultural and physical security companies," Cisco Talos researchers shared.

The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to...

Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner. A report by Crowdstrike based on data gathered between January 2021 and April 2023 shows that insider threats are on the rise and that using privilege escalation flaws is a significant component of unauthorized activity.

The U.S. Cybersecurity and Infrastructure Security Agency is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. The security issue allows executing arbitrary code on servers running Adobe ColdFusion 2018 Update 15 and older, and 2021 Update 5 and earlier.