Security News

Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
2023-10-03 16:37

Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws,...

Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation
2023-10-03 04:58

Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts...

Security researchers believe mass exploitation attempts against WS_FTP have begun
2023-10-02 13:45

Security researchers have spotted what they believe to be a "Possible mass exploitation" of vulnerabilities in Progress Software's WS FTP Server. Researchers at Rapid7 began noticing evidence of exploitation on 30 September across multiple instances of WS FTP. Progress released fixes for eight separate vulnerabilities in WS FTP on Wednesday, including one rated a maximum score of 10 on the CVSS severity scale.

Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
2023-09-29 03:02

Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on...

Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
2023-09-27 05:23

Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild....

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation
2023-08-11 03:38

The U.S. Cybersecurity and Infrastructure Security Agency has added a recently patched security flaw in Microsoft's.NET and Visual Studio products to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation.

Hackers use open source Merlin post-exploitation toolkit in attacks
2023-08-09 21:32

Ukraine is warning of a wave of attacks targeting state organizations using 'Merlin,' an open-source post-exploitation and command and control framework. Merlin is a Go-based cross-platform post-exploitation toolkit available for free via GitHub, offering extensive documentation for security professionals to use in red team exercises.

Amazon's AWS SSM agent can be used as post-exploitation RAT malware
2023-08-02 15:18

Abusing AWS SSM Agent as a RAT. AWS Systems Manager is an Amazon-signed binary and comprehensive endpoint management system used by administrators for configuration, patching, and monitoring AWS ecosystems comprising EC2 instances, on-premise servers, or virtual machines. Mitiga's discovery is that the SSM agent can be configured to run in "Hybrid" mode even from within the limits of an EC2 instance, allowing access to assets and servers from attacker-controlled AWS accounts.

Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation
2023-07-25 03:51

Ivanti is warning users to update their Endpoint Manager Mobile mobile device management software to the latest version that fixes an actively exploited zero-day vulnerability. Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access vulnerability that impacts currently supported version 11.4 releases 11.10, 11.9, and 11.8 as well as older releases.

Week in review: VirusTotal data leak, Citrix NetScaler zero-day exploitation
2023-07-23 08:00

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organizationThe exploitation of the Citrix NetScaler ADC zero-day vulnerability was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency. CISOs under pressure: Protecting sensitive information in the age of high employee turnoverIn this Help Net Security interview, Charles Brooks, Adjunct Professor at Georgetown University's Applied Intelligence Program and graduate Cybersecurity Programs, talks about how zero trust principles, identity access management, and managed security services are crucial for effective cybersecurity, and how implementation of new technologies like AI, machine learning, and tracking tools can enhance supply chain security.