Researchers Report Attacks Targeting Max Severity Bug in Progress Software’s WS_FTP
Image source: Shutterstock The in-the-wild exploit activity could be a harbinger of things to come. As happened with a zero-day bug in Progress Software’s MOVEit file transfer software earlier this year, attackers have already started targeting a maximum severity vulnerability and other flaws the company disclosed last week in its WS_FTP Server file transfer technology. […]
Read More
What You Need to Know About the Critical New Bugs in Progress Software’s WS_FTP Server
Image source: Shutterstock Based on the extensive targeting of the previous bug in the company’s MOVEit product, it’s safe to bet attacks targeting the WS_FTP flaws are imminent. A maximum severity vulnerability is present in all versions of Progress Software’s widely used WS_FTP Server file transfer software that gives an unauthenticated attacker a way to […]
Read More
PoC Exploit Chain for Critical SharePoint Vulns Heightens Attack Risks
Orgs should immediately apply the patches that Microsoft issued for the flaws if they haven’t done so already. Researchers at Singapore-based StarLabs have released details of a chained remote code execution exploit they developed for two critical flaws in Microsoft SharePoint server that they previously discovered and disclosed to the company. Microsoft patched one of […]
Read More
Australian Federal Police say Russian threat actor behind Medibank breach
“We will be holding talks with Russian law enforcement about these individuals,” AFP Commissioner says [300 words]. What: The Australian Federal Police (AFP) has identified the threat actor behind the catastrophic attack on health-insurer Medibank as being a Russia-based group. In a statement Friday, AFP Commissioner Reece Kershaw said that investigators had managed to trace […]
Read MoreRomCom threat actor using spoofed SolarWinds, KeePass apps to distribute RAT
Targets have been Ukraine-based but IT companies, food brokers, and food manufacturers in the U.S., Brazil, and the Philippines are also in its crosshairs, BlackBerry says [300 words]. What: The operators of RomCom, a remote access trojan used in recent attacks against the Ukrainian military have now begun spoofing products from SolarWinds and KeePass to […]
Read MoreFive useful lists and tools for identifying resources with vulnerable OpenSSL in them
The OpenSSL project team will release a new version of the OpenSSL library (version 3.0.7) on Tuesday to address a critical vulnerability in version 3.0 to 3.6 of the widely used open source, command-line toolkit [184 words]. Five useful tools and lists for keeping on top of the OpenSSL vulnerability to be disclosed Nov 1. […]
Read MoreFour quick things to know about the critical bug in OpenSSL that will be disclosed Nov.1
The OpenSSL project team will release a new version of the OpenSSL library (version 3.0.7) on Tuesday to address a critical vulnerability in version 3.0 to 3.6 of the widely used open source, command-line toolkit [296 words]. Four key things to know: Impact will likely be wide: The OpenSSL team rates a vulnerability as “Critical” […]
Read MoreCritical Remote Code Execution Vulnerability in Apache Commons Text
Is this the next Log4J? [297 words] What: The Apache Foundation appears to have quietly fixed a critical remote code execution (RCE) in Apache Common Text versions 1.5 through 1.9. The vulnerability is being tracked as CVE-2022-42889. Proof of Concept code for the vulnerability is already available. NIST says the vulnerability is currently being analyzed […]
Read MoreMore than 29K+ Fortinet systems in US have admin login screen exposed to the Internet—and two other updates on CVE-2022-40684
Here’s the latest on the authentication bypass flaw (CVE-2022-40684) in FortiOS, FortiProxy, and FortiSwitchManager [300 words] As of October 13, 2022, there were 24,924 servers in the US and 196,668 units globally, that exposed the attack surface of the vulnerability— the login screen for Fortinet administrators—to the Internet. The number includes versions of Fortinet technology […]
Read MoreCISA ups the ante on asset discovery and vulnerability detection on federal networks
Key takeaway: If you aren’t already doing continuous automated asset discovery and vulnerability enumeration on discovered assets, now is a good time to get started. [259 words] What: The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued Binding Operational Directive (BOD) 23-01 that requires all federal, executive branch, and agencies to implement measurable […]
Read More