Security News

There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are "Not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability." On April 12, Palo Alto Networks warned about limited attacks against internet-exposed firewalls, likely by a state-backed threat actor, who managed to install backdoors, grab sensitive data, and move laterally through target organizations' networks.

2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries and drivers, as they can affect multiple products and effectively offer more possibilities for attack. Another interesting conclusion from Google's recent rundown of the 97 zero-days exploited in-the-wild in 2023 is that there's a notable increase in targeting enterprise-specific technologies.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation....

Commerce is the most attacked vertical with 44% of API attacks, followed by business services at nearly 32%. APIs are vital to most organizations because they improve both employee and customer experiences. Cybercriminals have leveraged this digital innovation and the rapid expansion of the API economy to create new opportunities for exploitation.

The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure...

Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as...

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the...

A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver...

An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers. The exploitation volume of this particular vulnerability is far greater than that of other recently fixed or mitigated Ivanti flaws, indicating a clear shift in the attackers' focus.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities...