Security News

Criminal IP and Tenable Partner for Swift Vulnerability Detection
2024-01-09 15:02

The key feature of this technical alliance lies in streamlining the essential data and information of IP addresses provided by the Criminal IP search engine to Tenable Vulnerability Management. Integrating Criminal IP with Tenable Vulnerability Management will equip users with the comprehensive feature of Criminal IP for detecting IP assets.

SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448)
2024-01-09 11:55

A blind SQL injection vulnerability in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution.Cacti is often used in network operation centers of telecoms and web hosting providers, to collect network performance data and store it in RRDtool, a logging and graphing database and system that, through a web interface, creates graphical representations of the collected data.

Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution
2024-01-05 07:42

Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on...

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware
2023-12-21 07:22

Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel...

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP
2023-12-21 03:41

Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE...

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers
2023-12-20 12:59

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability to distribute malware, the Imperva Threat Research team has found. Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners on Linux and Windows hosts by exploiting known vulnerabilities.

SSH shaken, not stirred by Terrapin vulnerability
2023-12-20 08:34

This isn't one to panic over, because someone will need to man-in-the-middle your vulnerable connection rather than directly attack your server; it's a downgrade attack primarily rather than a decryption or command injection issue; and there are ways to immediate protect yourself from Terrapin attacks. There are three issues to be aware of: CVE-2023-48795, which is the generic exploitable protocol-level SSH vulnerability; and CVE-2023-46445 and CVE-2023-46446 specific to the Python SSH client AsyncSSH, which has an estimated 60,000 daily downloads.

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)
2023-12-19 10:11

Security researchers have discovered a vulnerability in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection's security by truncating the extension negotiation message. Terrapin is a prefix truncation attack targeting the SSH protocol.

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
2023-12-19 06:58

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming...

Creating a formula for effective vulnerability prioritization
2023-12-18 05:00

Gorelik discusses challenges posed by regulatory frameworks, incomplete asset inventories, and manual methods, while also exploring the role of automated systems, the future of vulnerability prioritization in the face of evolving cyber threats, and key factors organizations should consider in building effective remediation strategies. A vulnerability with proven exploitability or a high probability of exploitation existing within an active internet-facing business application is likely a higher priority than a vulnerability residing within an unused application in a well-protected environment.