kevin beaumont

Emerging Threats Enterprise Vulnerabilities

LockBit Ransomware Operators Targeting CitrixBleed in Coordinated Attacks

China’s ICBC, Boeing, Australian logistics giant DP World, major law firm among known victims so far; More than 5,000 organizations worldwide remain unpatched and vulnerable to CVE-2023-4966

Multiple LockBit ransomware operators are apparently working in a coordinated manner to break into major organizations via “CitrixBleed” (CVE-2023-4966), a critical vulnerability in several versions […]

Emerging Threats Vulnerabilities

Critical Remote Code Execution Vulnerability in Apache Commons Text

Is this the next Log4J? [297 words]

What: The Apache Foundation appears to have quietly fixed a critical remote code execution (RCE) vulnerability in Apache Commons Text versions 1.5 through 1.9. The vulnerability is being tracked as CVE-2022-42889. Proof of Concept code for the vulnerability is already available. NIST says the vulnerability is currently being analyzed […]
