Security News

Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users' real IP address. Details about this zero-day vulnerability as well as exploit code have been publicly released on Reddit several days ago by the person who discovered the flaw and purportedly first tried to privately share the discovery with Atlas VPN. About the Atlas VPN zero-day vulnerability.

We introduce Silverfort Unified Identity Protection, a comprehensive solution that offers enhanced security for AD environments against the misuse of compromised credentials. AD environments are highly vulnerable to attacks that make use of compromised credentials.

A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. What's more, FOXTROT shares overlaps with an open-source rootkit called Reptile, which has been extensively used by multiple Chinese hacking crews in recent months.

Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway zero-day, with a focus on entities across the Americas. Barracuda warned customers that the vulnerability was being exploited to breach ESG appliances on May 20, when it also patched all vulnerable devices remotely.

Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems. Successful exploitation can let them run system commands or write files onto systems running Ivanti Sentry versions 9.18 and prior.

A recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023, new findings from Group-IB reveal. The vulnerability, cataloged as CVE-2023-38831, allows threat actors to spoof file extensions, thereby making it possible to launch malicious scripts contained within an archive that masquerades as seemingly innocuous image or text files.

Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR to trick traders into installing malware that would allow them to steal money from broker accounts. CVE-2023-38831 is a file extension spoofing vulnerability, which allowed attackers to create a modified RAR or ZIP archive containing harmless files and malicious ones.

A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. The vulnerability has been under active exploitation since April 2023, helping distribute various malware families, including DarkMe, GuLoader, and Remcos RAT. The WinRAR zero-day vulnerability allowed the threat actors to create malicious.

Ivanti is urging administrators of Ivanti Sentry gateways to patch a newly discovered vulnerability that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. CVE-2023-38035 is an API authentication bypass flaw that may enable unauthenticated attackers to access APIs that are used to configure the Ivanti Sentry on the administrator portal/interface, which runs by default on port 8443.

Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry that it said is being actively exploited in the wild, marking an escalation of its security woes. "If exploited, this vulnerability enables an unauthenticated actor to access some sensitive APIs that are used to configure the Ivanti Sentry on the administrator portal," the company said.