Security Affairs

OCTOBER 25, 2023

Citrix warned of attacks actively exploiting the vulnerability CVE-2023-4966 in NetScaler ADC and Gateway appliances. Citrix is urging administrators to secure all NetScaler ADC and Gateway appliances against the CVE-2023-4966 vulnerability, which is actively exploited in attacks. reported Citrix. reported Citrix.

Authentication 110

Authentication VPN Hacking Government 110

Security Affairs

JUNE 29, 2023

Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass authentication flaw, tracked as CVE-2023-26258, in its Unified Data Protection (UDP) backup software. Arcserve released UDP 9.1

Authentication 85

Authentication Backups Ransomware Software 85

Security Affairs

OCTOBER 9, 2023

IBM observed a credential harvesting campaign that is targeting Citrix NetScaler gateways affected by the CVE-2023-3519 vulnerability. IBM’s X-Force researchers reported that threat actors are conducting a large-scale credential harvesting campaign exploiting the recent CVE-2023-3519 vulnerability (CVSS score: 9.8)

VPN 103

VPN Authentication Cyber Attacks Passwords 103

Security Affairs

OCTOBER 31, 2023

Researchers publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. ai publicly released the exploit code for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198. “[the PoC code] is an example request that bypasses authentication on vulnerable instances of IOS-XE.

Internet 120

Internet Internet Software Accountability 120

Security Affairs

SEPTEMBER 19, 2023

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845.

Firewall 118

Firewall Internet Internet Authentication 118

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. On Thursday, October 19, Okta advised customers of a security incident.

Social Engineering 99

Social Engineering Authentication Engineering Accountability 99

Security Affairs

MAY 8, 2024

The issue is tracked as CVE-2023-49606 and received a CVSS score of 9.8. the code is only triggered after access list checks and authentication have succeeded. so if you use basic auth with a reasonably secure password or allow only specific trusted hosts you won’t have to worry. and Tinyproxy 1.10.0.

Internet 101

Internet Internet Authentication Passwords 101

Security Affairs

MAY 11, 2023

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models. “Team82 disclosed five vulnerabilities in NETGEAR’s Nighthawk RAX30 routers as part of its research and participation in last December’s Pwn2Own Toronto hacking competition.”

Hacking 92

Hacking Firmware Authentication DNS 92

Security Affairs

AUGUST 21, 2023

Ivanti warned customers of a new critical Sentry API authentication bypass vulnerability tracked as CVE-2023-38035. The software company Ivanti released urgent security patches to address a critical-severity vulnerability, tracked as CVE-2023-38035 (CVSS score 9.8), in the Ivanti Sentry (formerly MobileIron Sentry) product.

Authentication 76

Authentication Internet Internet Mobile 76

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. The Rhysida ransomware group has been active since May 2023.

Hacking 116

Hacking Ransomware Manufacturing Healthcare 116

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. It has been used to attack more than 329 organizations globally and has grown to become the fourth-most active strain of ransomware by number of victims in 2022-2023.”

Ransomware 106

Ransomware Hacking Healthcare Retail 106

Security Affairs

JUNE 20, 2023

Zyxel released security updates to address a critical vulnerability affecting its network-attached storage (NAS) devices. Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. in its firewall devices.

Firmware 85

Firmware Firewall Authentication VPN 85

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The advisory is part of the ongoing #StopRansomware effort, disseminating information about tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with ransomware groups.

Ransomware 112

Ransomware Hacking Engineering Manufacturing 112

Security Affairs

OCTOBER 18, 2023

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. ” reported Citrix.

Authentication 89

Authentication VPN Hacking Government 89

Security Affairs

JUNE 20, 2023

VMware is warning customers that critical remote code execution vulnerability CVE-2023-20887 is being actively exploited in attacks. “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild,” reads the advisory. The vulnerability CVE-2023-20887 (CVSSv3 score of 9.8)

Authentication 89

Authentication Hacking Technology Information Security 89

Security Affairs

OCTOBER 4, 2023

Software giant Atlassian released emergency security updates to address a critical zero-day vulnerability, tracked as CVE-2023-22515 (CVSS score 10), in its Confluence Data Center and Server software. The flaw CVE-2023-22515 is a privilege escalation vulnerability that affects Confluence Data Center and Server 8.0.0 and later.

Software 112

Software Accountability Authentication Internet 112

Security Affairs

JULY 26, 2023

Experts warn of a severe privilege escalation, tracked as CVE-2023-30799 , in MikroTik RouterOS that can be exploited to hack vulnerable devices. VulnCheck researchers warn of a critical vulnerability, tracked as CVE-2023-30799 (CVSS score: 9.1), that can be exploited in large-scale attacks to target over 500,000 RouterOS systems.

Hacking 91

Hacking Passwords Authentication Encryption 91

Security Affairs

NOVEMBER 2, 2023

“On October 12, 2023, Rightway informed Okta that an unauthorized actor gained access to an eligibility census file maintained by Rightway in its provision of services to Okta. “The investigation revealed that your personal information was contained in the impacted file. .

Data breaches 108

Data breaches Hacking Healthcare Social Engineering 108

Security Affairs

MARCH 26, 2023

Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. reads the advisory published by Microsoft.

Authentication 89

Authentication Accountability Cyber Attacks Hacking 89

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE. ” reads the advisory published by the IT giant.

VPN 102

VPN Software Encryption Authentication 102

Security Affairs

NOVEMBER 27, 2023

Ukraine’s intelligence service announced the hack of the Russian Federal Air Transport Agency, ‘Rosaviatsia.’ ’ Ukraine’s intelligence service announced they have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ ” reads the announcement. ” reads the announcement.

Hacking 103

Hacking Engineering Manufacturing Government 103

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. The Rhysida ransomware group has been active since May 2023. Data from the Royal Family!

Ransomware 105

Ransomware Hacking Manufacturing Healthcare 105

SecureList

AUGUST 14, 2023

Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. Besides tucking a phishing page inside the website they hack, scammers can steal all of the data on the server and completely disrupt the site’s operation.

Phishing 78

Phishing Hacking Banking Scams 78

Security Affairs

JUNE 7, 2023

Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. The vulnerability CVE-2023-20864 (CVSSv3 base score of 9.8) ” continues the advisory.

Authentication 81

Authentication Hacking Technology Information Security 81

Security Affairs

MAY 30, 2023

PyPI is going to enforce two-factor authentication (2FA) for all project maintainers by the end of this year over security concerns. Due to security concerns, PyPI will be mandating the use of two-factor authentication (2FA) for all project maintainers by the end of this year. ” reads the announcement.

Authentication 79

Authentication Accountability Hacking Malware 79

Security Affairs

APRIL 12, 2023

SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. CVE-2023-28765 : An attacker with basic privileges in SAP BusinessObjects Business Intelligence Platform (Promotion Management) – versions 420, 430, can exploit the issue to access to lcmbiar file and further decrypt the file.

Education 78

Education Media Authentication Passwords 78

Security Affairs

FEBRUARY 18, 2023

Twitter has announced that the platform will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers. To date, Twitter has offered three methods of 2FA : text message, authentication app, and security key. ” reads the post published by the social media and social networking service.

Authentication 90

Authentication Accountability Media Hacking 90

Security Affairs

SEPTEMBER 25, 2023

Sonar’s Vulnerability Research Team discovered a critical security vulnerability, tracked as CVE-2023-42793 (CVSS score of 9.8), in TeamCity. The vulnerability is an authentication bypass issue affecting the on-premises version of TeamCity. ” The link for the Security patch plugin are for TeamCity 2018.2

Hacking 111

Hacking Software Authentication Internet 111

Security Affairs

AUGUST 24, 2023

Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). and prior. “If

Internet 76

Internet Internet Authentication Risk 76

Security Affairs

MARCH 27, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the 2023 Pwn2Own to its Known Exploited Vulnerabilities catalog. Microsoft addressed the remote code execution flaw in SharePoint Server, tracked as CVE-2023-24955 (CVSS Score 7.2), in May 2023.

Hacking 109

Hacking Authentication Cybersecurity Risk 109

Security Affairs

AUGUST 13, 2023

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. The researchers presented their findings at the DEFCON security conference today. The nine vulnerabilities have received CVE between CVE-2023-3259 through CVE-2023-3267.

Hacking 81

Hacking Firmware Authentication Software 81

Security Affairs

FEBRUARY 14, 2023

Microsoft Patch Tuesday security updates for February 2023 addressed 75 flaws, including three actively exploited zero-day bugs. The most severe actively exploited flaw is tracked as CVE-2023-21823 , it is a Windows Graphics Component remote code execution vulnerability. ” reads the advisory published by Microsoft.

Social Engineering 83

Social Engineering Engineering Authentication IoT 83

Security Affairs

JULY 18, 2023

Threat actors are actively exploiting a critical flaw, tracked as CVE-2023-28121, in the WooCommerce Payments WordPress plugin. Threat actors are actively exploiting a recently disclosed critical vulnerability, tracked as CVE-2023-28121 (CVSS score: 9.8), in the WooCommerce Payments WordPress plugin. through 5.6.1

Hacking 82

Hacking Authentication Cybercrime Information Security 82

Security Affairs

JANUARY 21, 2023

Cisco recently warned of a critical vulnerability , tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL).

Hacking 93

Hacking Small Business VPN Internet 93

Security Affairs

MAY 21, 2024

The other vulnerabilities impacting Network Attached Storage (NAS) discovered by WatchTowr code execution, buffer overflow, memory corruption, authentication bypass, and XSS issues impacting the security of Network Attached Storage (NAS) devices across different deployment environments.

Authentication 94

Authentication Accountability Social Engineering Engineering 94

Security Affairs

AUGUST 20, 2023

” Below is the list of flaw addressed by Juniper: The specific issues reported and resolved are listed below: CVE CVSS Summary CVE-2023-36844 5.3 CVE-2023-36845 5.3 CVE-2023-36846 5.3 CVE-2023-36847 5.3 The company as a workaround suggests disabling J-Web, or limiting access to only trusted hosts.

Hacking 78

Hacking Authentication Information Security Network Security 78

Security Affairs

JANUARY 13, 2024

Akira ransomware infections were first reported in Finland in June 2023, however, in December the number of attacks increased. NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost.

Ransomware 103

Ransomware Backups VPN Authentication 103