vulnerabilities

Vulnerabilities

Issued by: Dark Reading

The United States Cybersecurity and Infrastructure Security Agency (CISA) has given Federal Civilian Executive Branch agencies 48 hours to rip out all Ivanti appliances in use on federal networks, over concerns that multiple threat actors are actively exploiting multiple security flaws in these systems. The order is part of the supplemental direction accompanying last week’s…

Vulnerabilities

Issued by: Security Affairs

GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The most critical vulnerability, tracked as CVE-2023-7028 (CVSS score 10), is an account takeover via Password Reset. The flaw can be exploited to hijack an account without any interaction. “An issue has been discovered in GitLab CE/EE…

Vulnerabilities

Issued by: Dark Reading

Ivanti researchers this week flagged two zero-day vulnerabilities discovered in its products — CVE-2023-46805 and CVE-2024-21887— that are already being actively exploited by threat actors. The vulnerabilities were found in Ivanti Connect Secure (ICS) and Ivanti Policy Secure gateways, and the vulnerabilities affect all supported versions (Version 9.x and 22.x). Volexity assisted in identifying and…

Vulnerabilities

Issued by: SecurityWeek

The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, affect fully patched Internet-facing Ivanti Connect Secure VPN appliances (formerly known as Pulse Secure) and were caught during in-the-wild zero-day exploitation. Ivanti, a company that has struggled with major security problems, released pre-patch mitigations for the new vulnerabilities but said comprehensive fixes will be released on a staggered…

Vulnerabilities

Issued by: Naked Security

January isn’t traditionally the lightest month on patch managers’ calendars, so a second month of (relatively) few Microsoft releases is a bit of a treat. On Tuesday the company released 48 CVEs, including 38 for Windows. Eight other product groups or tools are also affected. Of the CVEs addressed, just two are considered Critical in…

Network Security

Issued by: CSO Online

Distributed denial-of-service (DDoS) attacks are a year-round threat. However, as many security practitioners can attest, DDoS attacks are particularly prolific during high-traffic times like the holiday season. The holidays are typically a time when organizations have reduced resources, with staff taking vacation and fewer cyber resources dedicated to monitoring networks and applications. Cybercriminals often take…

Vulnerabilities

Issued by: Dark Reading

When videoconferencing service Zoom searched for a better way to assign a severity to vulnerabilities found during bug bounty programs, the company’s security team could not find a suitable approach: The popular Common Vulnerability Scoring System (CVSS) was too subjective, and the Exploit Prediction Scoring System (EPSS) was too focused on the probability of exploitation….

Malware & Threats

Issued by: Security Affairs

The North Korea-linked APT group Lazarus is behind a new hacking campaign that exploits Log4j vulnerabilities to deploy previously undocumented remote access trojans (RATs). Cisco Talos researchers tracked the campaign as Operation Blacksmith, the nation-state actors are employing at least three new DLang-based malware families. Two of these malware strains are remote access trojans (RATs),…

Malware & Threats

Issued by: Dark Reading

The US leg of an Australia-based shipbuilding company, Austal, which is a contractor for the US Department of Defense and the Department of Homeland Security, recently alerted the FBI and the Naval Criminal Investigative Service (NCIS) of a cyberattack. The cyberattack was claimed by the Hunters International ransomware group, which leaked stolen information as proof…