Security News
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws,...
Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts...
Security researchers have spotted what they believe to be a "Possible mass exploitation" of vulnerabilities in Progress Software's WS FTP Server. Researchers at Rapid7 began noticing evidence of exploitation on 30 September across multiple instances of WS FTP. Progress released fixes for eight separate vulnerabilities in WS FTP on Wednesday, including one rated a maximum score of 10 on the CVSS severity scale.
Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on...
Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild....
The U.S. Cybersecurity and Infrastructure Security Agency has added a recently patched security flaw in Microsoft's.NET and Visual Studio products to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation.
Ukraine is warning of a wave of attacks targeting state organizations using 'Merlin,' an open-source post-exploitation and command and control framework. Merlin is a Go-based cross-platform post-exploitation toolkit available for free via GitHub, offering extensive documentation for security professionals to use in red team exercises.
Abusing AWS SSM Agent as a RAT. AWS Systems Manager is an Amazon-signed binary and comprehensive endpoint management system used by administrators for configuration, patching, and monitoring AWS ecosystems comprising EC2 instances, on-premise servers, or virtual machines. Mitiga's discovery is that the SSM agent can be configured to run in "Hybrid" mode even from within the limits of an EC2 instance, allowing access to assets and servers from attacker-controlled AWS accounts.
Ivanti is warning users to update their Endpoint Manager Mobile mobile device management software to the latest version that fixes an actively exploited zero-day vulnerability. Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access vulnerability that impacts currently supported version 11.4 releases 11.10, 11.9, and 11.8 as well as older releases.
Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organizationThe exploitation of the Citrix NetScaler ADC zero-day vulnerability was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency. CISOs under pressure: Protecting sensitive information in the age of high employee turnoverIn this Help Net Security interview, Charles Brooks, Adjunct Professor at Georgetown University's Applied Intelligence Program and graduate Cybersecurity Programs, talks about how zero trust principles, identity access management, and managed security services are crucial for effective cybersecurity, and how implementation of new technologies like AI, machine learning, and tracking tools can enhance supply chain security.