Security News

A zero-day vulnerability affecting Fortra's GoAnywhere MFT managed file transfer application is being actively exploited in the wild. The vulnerability is a case of remote code injection that requires access to the administrative console of the application, making it imperative that the systems are not exposed to the public internet.

The developers of the GoAnywhere MFT file transfer solution are warning customers of zero-day remote code execution vulnerability on exposed administrator consoles. GoAnywhere is a secure web file transfer solution that allows companies to securely transfer encrypted files with their partners while keeping detailed audit logs of who accessed the files.

Last year, on the last day of August 2022, we wrote with mild astonishment, and perhaps even a tiny touch of excitement, about an unexpected but rather important update for iPhones stuck back on iOS 12. As we remarked at the time, we'd already decided that iOS 12 had slipped off Apple's radar, and would never be updated again, give that the previous update had been a year before that, back in September 2021.

Apple has released security updates for macOS, iOS, iPadOS and watchOS, patching - among other things - a type confusion flaw in the WebKit component that could be exploited for remote code execution on older iPhones and iPads running iOS v12. "Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1," the company said.

A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting the government and other large organizations. The attacks entailed the exploitation of CVE-2022-42475, a heap-based buffer overflow flaw that could enable an unauthenticated remote attacker to execute arbitrary code via specifically crafted requests.

Fortinet says unknown attackers exploited a FortiOS SSL-VPN zero-day vulnerability patched last month in attacks against government organizations and government-related targets. The security flaw abused in these incidents is a heap-based buffer overflow weakness found in the FortiOS SSLVPNd that allowed unauthenticated attackers to crash targeted devices remotely or gain remote code execution.

The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, including one bug that the company said is being actively exploited in the wild.It's also worth noting that the U.S. Cybersecurity and Infrastructure Security Agency has added the vulnerability to its Known Exploited Vulnerabilities catalog, urging federal agencies to apply patches by January 31, 2023.

To mark the January 2023 Patch Tuesday, Microsoft has released patches for 98 CVE-numbered vulnerabilities, including one exploited in the wild and one that's been publicly disclosed. The one publicly disclosed vulnerability - CVE-2023-21549, in Windows SMB Witness - is apparently less likely to be exploited in the latest Windows and Windows Server versions, even though attack complexity and privileges required are low, and no user interaction is needed.

Today is Microsoft's January 2023 Patch Tuesday, and with it comes fixes for an actively exploited zero-day vulnerability and a total of 98 flaws. This is the first Patch Tuesday of 2023, and it fixes a whopping 98 vulnerabilities, with eleven of them classified as 'Critical.

Rackspace has confirmed the Play ransomware gang was behind last month's hacking and said it won't bring back its hosted Microsoft Exchange email service, as it continues working to recover customers' email data lost in the December 2 ransomware attack. Rackspace said "More than half" of its customers who lost their hosted email service last month now have "Some or all of their data available to them for download," in its latest and final status update, posted today.