Emerging Threats

notebook screen displaying VPN logo
Emerging Threats Enterprise Malware Vulnerabilities

Mandiant Updates Guidance for Protecting Against Ivanti Vulnerabilities

Image source: Shutterstock Following its disclosure of two new zero-days Jan 31, Ivanti too has updated its mitigation file. Customers who applied previous mitigation would need re-apply it to address new flaws. Google’s Mandiant security group has released updated guidance for Ivanti customers looking to remediate or harden their Ivanti Connect Secure (formerly Pulse Secure) […]

Read More
Coding script text on screen. Notebook closeup photo.
Emerging Threats Vulnerabilities

Critical Vulnerability in Jenkins CLI Could Enable Remote Code Execution

Image source: Shutterstock CVE-2024-23897 is the most serious of 12 vulnerabilities that the Jenkins team disclosed on Jan 24. The Jenkins infrastructure team has issued a patch for a critical remote code execution vulnerability in the widely used open-source automation technology for building, testing and deploying application software. CVE-2024-23897 is an arbitrary file read vulnerability […]

Read More
High contrast image of a time bomb on a wooden background
Breaches Emerging Threats Enterprise Vulnerabilities

CVE-2024-0204 in GoAnywhere MFT is a Ticking Time Bomb

Image source: Shutterstock More than 96% of GoAnywhere MFT assets that security vendor Tenable observed on Jan 23 were vulnerable. Mass attacks could soon begin against a critical authentication bypass flaw in Fortra’s GoAnywhere Managed File Transfer (MFT) technology following the release of a proof-of-concept exploit for it this week. Fortra informed customers privately about […]

Read More
Cell phone screen with the word VPN
Breaches Emerging Threats Vulnerabilities

China’s UTA0178 Threat Group Backdoors 2,100 Ivanti VPN Appliances Via Recently Disclosed 0-Days

Image Source: Shutterstock Attacker stealing sensitive system data, tampering with built-in Integrity Check to hide signs of malicious activity. Multiple threat actors have joined Chinese advanced persistent threat group UTA0178 in targeting two recently disclosed zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances following the public release of a proof-of-concept exploit for the flaws […]

Read More
Emerging Threats Enterprise Vulnerabilities

LockBit Ransomware Operators Targeting CitrixBleed in Coordinated Attacks

Image source: Shutterstock China’s ICBC, Boeing, Australian logistics giant DP World, major law firm among known victims so far; More than 5,000 organizations worldwide remain unpatched and vulnerable to CVE-2023-4966 Multiple LockBit ransomware operators are apparently working in a coordinated manner to break into major organizations via “CitrixBleed” (CVE-2023-4966) a critical vulnerability in several versions […]

Read More
Emerging Threats Vulnerabilities

Patch for Cisco Zero Day Bug to Become Available Oct. 22

Image source: Shutterstock Company’s investigation shows attackers actually leveraged two previously unknown bugs, not one, as assumed. There are two important new developments around CVE-2023-20198, the widely exploited zero-day bug in the web UI of Cisco’s IOS EX software. Two 0-Day Bugs, Not One The first is, Cisco’s investigation into the recent widespread attacks targeting […]

Read More
Breaches Emerging Threats Vulnerabilities

Cisco Recommends Orgs Apply Access Lists to HTTPS Server Feature in IOS XE to Mitigate New 0-Day Threat

Image source: : Shutterstock One security vendor says adversary has used bug to infect thousands of IOS XE devices with an implant for remote code execution. Organizations can protect against the zero-day bug that Cisco disclosed in its IOS XE operating system Monday by restricting access to its HTTP Server feature from untrusted hosts and […]

Read More
Breaches Emerging Threats Vulnerabilities

Patch Now: Atlassian Discloses Zero-Day Bug in Confluence Data Center and Server

Image Source: Shutterstock Several customers have reported attackers exploiting the vulnerability to create unauthorized Confluence administrator accounts and to access Confluence instances, company says. Atlassian wants organizations using its on-premises Confluence Data Center and Server content collaboration software to immediately update to new versions that the company released today to address a critical privilege escalation […]

Read More
Emerging Threats Vulnerabilities

CISA Adds Critical TeamCity Flaw to Known Exploited Vulnerabilities Catalog

Image source: Shutterstock Move follows reports this week of threat actors actively exploiting the flaw in ransomware attacks. The US Cybersecurity and Infrastructure Security Agency (CISA) has added a recently disclosed authentication bypass flaw in the JetBrains TeamCity CI/CD platform (CVE-2023-42793) to its catalog of known exploited vulnerabilities (KEV). The move follows recent reports about […]

Read More
Emerging Threats Enterprise Vulnerabilities

Here’s What You Need to Know About the Severe “Looney TUNABLES” Vuln in Multiple Linux Distros

Image source: Shutterstock CVE-2023-4911 is a local privilege escalation flaw that gives attackers a way to gain root access on versions of Debian, Fedora, Ubuntu and other Linux distributions using the glibc library. Millions of Linux systems running default installations of certain versions of Debian, Fedora, Ubuntu—and likely other distributions using the GNU C Library […]

Read More