Mandiant Updates Guidance for Protecting Against Ivanti Vulnerabilities
Image source: Shutterstock Following its disclosure of two new zero-days Jan 31, Ivanti too has updated its mitigation file. Customers who applied previous mitigation would need re-apply it to address new flaws. Google’s Mandiant security group has released updated guidance for Ivanti customers looking to remediate or harden their Ivanti Connect Secure (formerly Pulse Secure) […]
Read MoreCritical Vulnerability in Jenkins CLI Could Enable Remote Code Execution
Image source: Shutterstock CVE-2024-23897 is the most serious of 12 vulnerabilities that the Jenkins team disclosed on Jan 24. The Jenkins infrastructure team has issued a patch for a critical remote code execution vulnerability in the widely used open-source automation technology for building, testing and deploying application software. CVE-2024-23897 is an arbitrary file read vulnerability […]
Read MoreCVE-2024-0204 in GoAnywhere MFT is a Ticking Time Bomb
Image source: Shutterstock More than 96% of GoAnywhere MFT assets that security vendor Tenable observed on Jan 23 were vulnerable. Mass attacks could soon begin against a critical authentication bypass flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) technology following the release of a proof-of-concept exploit for it this week. Fortra informed customers privately about […]
Read MoreChina’s UTA0178 Threat Group Backdoors 2,100 Ivanti VPN Appliances Via Recently Disclosed 0-Days
- Editor DTI
- January 18, 2024
- cve-2023-46805
- cve-2024-21887
- ivanti
- uta0178
- vpn
Image Source: Shutterstock Attacker stealing sensitive system data, tampering with built-in Integrity Check to hide signs of malicious activity. Multiple threat actors have joined Chinese advanced persistent threat group UTA0178 in targeting two recently disclosed zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances following the public release of a proof-of-concept exploit for the flaws […]
Read MoreExploit Available for Docker Versions of ownCloud Affected by Recent Max. Severity Bug
Image credit: Shutterstock More than 4,000 ownCloud instances remain exposed to attack via CVE-2023-49103; CISA adds vuln to KEV catalog. Attack surface management vendor Onyphe has discovered a total of 4,129 Internet-connected instances of ownCloud that are exposed to attack via the recently disclosed unauthenticated disclosure vulnerability (CVE-2023-49103) in the open-source file sharing and synchronization […]
Read MoreLockBit Ransomware Operators Targeting CitrixBleed in Coordinated Attacks
Image source: Shutterstock China’s ICBC, Boeing, Australian logistics giant DP World, major law firm among known victims so far; More than 5,000 organizations worldwide remain unpatched and vulnerable to CVE-2023-4966 Multiple LockBit ransomware operators are apparently working in a coordinated manner to break into major organizations via “CitrixBleed” (CVE-2023-4966) a critical vulnerability in several versions […]
Read MoreAtlassian Discloses Critical Vulnerability in Confluence Data Center & Server
Image source: Shutterstock Customers vulnerable to “significant data loss” if attackers exploit CVE-2023-22518, company CISO warns. Atlassian wants customers of its Confluence Data Center and Server to immediately upgrade to new versions of the software the company has just released to protect against a critical vulnerability in the collaboration platform. All versions affected: The vulnerability […]
Read MoreHere are the 4 Main Requirements of the New White House Executive Order on AI Safety
Image source: Shutterstock The EO calls for the creation of new standards and guidance to ensure safe use of AI especially in critical infrastructure sectors. The Biden-Harris Administration Monday issued an Executive Order pertaining to the safe and secure use of Artificial Intelligence technologies and systems. The EO lays out requirements for new AI safety […]
Read MorePatch for Cisco Zero Day Bug to Become Available Oct. 22
Image source: Shutterstock Company’s investigation shows attackers actually leveraged two previously unknown bugs, not one, as assumed. There are two important new developments around CVE-2023-20198, the widely exploited zero-day bug in the web UI of Cisco’s IOS EX software. Two 0-Day Bugs, Not One The first is, Cisco’s investigation into the recent widespread attacks targeting […]
Read MoreCisco Recommends Orgs Apply Access Lists to HTTPS Server Feature in IOS XE to Mitigate New 0-Day Threat
Image source: : Shutterstock One security vendor says adversary has used bug to infect thousands of IOS XE devices with an implant for remote code execution. Organizations can protect against the zero-day bug that Cisco disclosed in its IOS XE operating system Monday by restricting access to its HTTP Server feature from untrusted hosts and […]
Read More