Breaches

Breaches Vulnerabilities

Exploit Available for Docker Versions of ownCloud Affected by Recent Max. Severity Bug

More than 4,000 ownCloud instances remain exposed to attack via CVE-2023-49103; CISA adds vuln to KEV catalog. Attack surface management vendor Onyphe has discovered a total of 4,129 Internet-connected instances of ownCloud that are exposed to attack via the recently disclosed unauthenticated disclosure vulnerability (CVE-2023-49103) in the open-source file sharing and synchronization […]

Breaches Emerging Threats Vulnerabilities

Cisco Recommends Orgs Apply Access Lists to HTTPS Server Feature in IOS XE to Mitigate New 0-Day Threat

One security vendor says adversary has used bug to infect thousands of IOS XE devices with an implant for remote code execution. Organizations can protect against the zero-day bug that Cisco disclosed in its IOS XE operating system Monday by restricting access to its HTTP Server feature from untrusted hosts and […]

Breaches Vulnerabilities

Actively Exploited Zero-Day Bug in Cisco IOS XE Gives Attackers Total Admin Access to Affected Devices

Cisco recommends that customers immediately disable HTTPS Server feature on all Internet-facing devices running the operating system till a fix or other workaround becomes available. An unknown threat actor is actively exploiting a zero-day vulnerability in the web user interface of Cisco’s IOS XE operating system to drop an implant for arbitrary […]

Breaches Emerging Threats Vulnerabilities

Patch Now: Atlassian Discloses Zero-Day Bug in Confluence Data Center and Server

Several customers have reported attackers exploiting the vulnerability to create unauthorized Confluence administrator accounts and to access Confluence instances, company says. Atlassian wants organizations using its on-premises Confluence Data Center and Server content collaboration software to immediately update to new versions that the company released today to address a critical privilege escalation […]

Breaches

North Korea’s Lazarus Group Targets Critical Infrastructure with New Malware Variant

In its third major campaign this year, North Korea’s Lazarus Group is targeting healthcare entities and infrastructure backbone companies.

Breaches Vulnerabilities

APT37 using South Korea stampede themed lure to exploit new IE zero-day flaw

Microsoft patched flaw after Google TAG researchers reported it to the company in October. Microsoft has patched a zero-day vulnerability in Internet Explorer’s JScript engine after researchers from Google’s Threat Analysis Group (TAG) informed the company about seeing North Korea’s APT37 group using it in attacks against South Korean targets. The zero-day flaw (CVE-2022-41128) stems […]

Breaches Supply Chain

August intrusion into LastPass development environment results in 2nd breach

Password management company says a threat actor used information from previous breach to access customer information. When a threat actor manages to gain access to an organization’s software development environment, bad things can happen. The latest to learn that lesson the hard way is password management vendor LastPass, which in August 2022 experienced an incident […]

Breaches Supply Chain Vulnerabilities

Magecart actors ramp up exploit attempts against Magento/Adobe Commerce vulnerability

Sansec says it has observed more probes in November against the now-patched zero-day flaw (CVE-2022-24086) than the rest of the year combined. Seven threat groups affiliated with the Magecart cybercrime syndicate have begun heavily targeting a critical, arbitrary code execution vulnerability in the Magento 2 and Adobe Commerce platform that powers tens of thousands of […]

Breaches Enterprise Vulnerabilities

7 vulnerabilities that federal agencies MUST address by Nov 29

Four of the vulnerabilities are Windows zero-day bugs that Microsoft disclosed in its November security update; three affect Samsung mobile devices. The US Cybersecurity and Infrastructure Security Agency’s (CISA) Binding Operational Directive 22-01 issued in Nov. 2021 requires all federal civilian executive branch agencies to address software bugs that are listed in CISA’s Known Exploited […]

Breaches Emerging Threats Malware

Australian Federal Police say Russian threat actor behind Medibank breach

“We will be holding talks with Russian law enforcement about these individuals,” AFP Commissioner says [300 words]. What: The Australian Federal Police (AFP) has identified the threat actor behind the catastrophic attack on health-insurer Medibank as being a Russia-based group. In a statement Friday, AFP Commissioner Reece Kershaw said that investigators had managed to trace […]
