Security News

Citrix has patched three vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is a zero-day being exploited by attackers. In early 2022, the company reported the exploitation of a RCE vulnerability in its Citrix ADC deployments by a Chinese state-sponsored group.

Smells like Russian cyber spies (again) A vulnerability in Zimbra's software is being exploited right now by miscreants to compromise systems and attack selected government organizations, experts reckon.…

Popular collaboration product Zimbra has warned customers to apply a software patch urgently to close a security hole that it says "Could potentially impact the confidentiality and integrity of your data." The vulnerability is what's known as an XSS bug, short for cross-site scripting, whereby performing an innocent-looking operation via site X, such as clicking through to site Y, gives the operator of site X a sneaky chance to implant rogue JavaScript code into the web pages that your browser receives back from Y. This, in turn, means that X may end up with access to your account on site Y, by reading out and perhaps even modifying data that would otherwise be private to Y, such as your account details, login cookies, authentication tokens, transaction history, and so on.

"Apple is aware of an issue where recent Rapid Security Responses might prevent some websites from displaying properly," Apple said on Tuesday. Today, Apple started pushing iOS 16.5.1, iPadOS 16.5.1, and macOS 13.4.1 Security Response updates that address the web browsing issues.

SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company's Global Management System firewall management and Analytics network reporting engine software suites."This suite of vulnerabililtes, which was responsibility disclosed, includes four vulnerabilities with a CVSSv3 rating of CRITICAL, that allows an attacker to bypass authentication and could potentially result in exposure of sensitive information to an unauthorized actor," SonicWall said.

Today is Microsoft's July 2023 Patch Tuesday, with security updates for 132 flaws, including six actively exploited and thirty-seven remote code execution vulnerabilities. "An attacker must have local access to the targeted machine and the user must be able to create folders and performance traces on the machine, with restricted privileges that normal users have by default," warns Microsoft.

Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw that it said has been actively exploited in the wild. The WebKit bug, cataloged as CVE-2023-37450, could allow threat actors to achieve arbitrary code execution when processing specially crafted web content.

CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month's Android security updates. With this month's security updates for the Android operating system, Google patched two more security flaws tagged as being exploited in attacks.

"An SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database," reads Progress's security bulletin. "An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content" - MOVEit Transfer advisory.

There's been a lot of activity with Microsoft this month which may impact updates we'll see. Starting on Patch Tuesday, the application of Windows 11 22H2 KB5027231 cumulative update broke Google Chrome for users running Malwarebytes, Cisco Secure Endpoint, and WatchGuard Endpoint Security - they were not able to launch Google Chrome.