Security News

Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution vulnerability in its GoAnywhere MFT tool that has come under active exploitation by ransomware actors to steal sensitive data. "The unauthorized party used CVE-2023-0669 to create unauthorized user accounts in some MFTaaS customer environments," the company said.

Fortra has completed its investigation into the exploitation of CVE-2023-0669, a zero-day flaw in the GoAnywhere MFT solution that the Clop ransomware gang exploited to steal data from over a hundred companies. The critical GoAnywhere remote code execution flaw became publicly known after Fortra notified customers on February 3rd, 2023.

Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. The flaw, tracked as CVE-2023-2136, is described as a case of integer overflow in Skia, an open source 2D graphics library.

Google has released a security update for the Chrome web browser to fix the second zero-day vulnerability found to be exploited in attacks this year. The stable release is available only for Windows and Mac users, with the Linux version to roll out "Soon," Google says.

In brief Google on Friday released an emergency update for Chrome to address a zero-day security flaw.This fix would be the first zero-day in Chrome squashed by Google this year.

Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine.

Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year. This update was immediately available when BleepingComputer checked for new updates from the Chrome menu > Help > About Google Chrome.

Two Critical bugs in particular grabbed our interest. The last two bugs that intrigued us were CVE-2023-28249 and CVE-2023-28269, both listed under the headline Windows Boot Manager Security Feature Bypass Vulnerability.

Microsoft has patched a zero-day vulnerability in the Windows Common Log File System, actively exploited by cybercriminals to escalate privileges and deploy Nokoyawa ransomware payloads. In light of its ongoing exploitation, CISA also added the CVE-2023-28252 Windows zero-day to its catalog of Known Exploited Vulnerabilities today, ordering Federal Civilian Executive Branch agencies to secure their systems against it by May 2nd. Tracked as CVE-2023-28252, this CLFS security flaw was discovered by Genwei Jiang of Mandiant and Quan Jin of DBAPPSecurity's WeBin Lab.

It's April 2023 Patch Tuesday, and Microsoft has released fixes for 97 CVE-numbered vulnerabilities, including one actively exploited zero-day. "CVE-2023-28252 is the second CLFS elevation of privilege zero-day exploited in the wild this year and the fourth in the last two years. It is also the second CLFS zero-day disclosed to Microsoft by researchers from Mandiant and DBAPPSecurity, though it is unclear if both of these discoveries are related to the same attacker."