WinWAR and Openfire vulnerabilities exploited in the wild
CISA added Openfire (CVE-2023-32315) and WinRAR (CVE-2023-38831) vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
Securezoo Cybersecurity Threat Center blog posts of new cybersecurity attacks.
CISA added Openfire (CVE-2023-32315) and WinRAR (CVE-2023-38831) vulnerabilities to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.
Cybersecurity security agencies from the United States, United Kingdom, Australia, Canada and New Zealand have published the top 12 routinely exploited vulnerabilities in 2022.
Multiple Critical vulnerabilities have been discovered in Progress Software’s MOVEit Transfer solution. In May, a zero-day High severity SQL injection vulnerability CVE-2023-34362 that could allow authenticated attackers to gain access to the MOVEit Transfer database and other sensitive data.
Security experts have discovered a new version of ViperSoftX, a malware that steals cryptocurrency and targets password managers, such as KeePass and 1Password.
The FBI, CISA, and MS-ISAC have released a joint cybersecurity advisory regarding LockBit 3.0 ransomware as identified through FBI investigations as recently as this month.
CISA and FBI have published a joint cybersecurity alert on Royal ransomware used in recent cyberattacks as recently as January 2023. The ransomware uses a unique “partial encryption approach” to evade detection.
Researchers have discovered threat actors abusing legitimate open-source debugger tool for Windows to disguise PlugX trojan attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) has added IBM and Mitel vulnerabilities to its Known Exploited Vulnerabilities Catalog.
The Cybersecurity and Infrastructure Security Agency (CISA) has added Intel, Oracle, TerraMaster, Forta, and SugarCRM vulnerabilities to its Known Exploited Vulnerabilities Catalog.
Researchers from SentinelLabs have spotted the first Linux variant of Cl0p (aka “Clop”) ransomware, targeting Linux systems on December 26, 2022.