US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
News
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries....
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including...
WhatsApp’s New Secret Code Feature Lets Users Protect Private Chats with Password
Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on...
Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs...
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian...
WhatsApp’s New Secret Code Feature Lets Users Protect Private Chats with Password
Meta-owned WhatsApp has launched a new Secret Code feature to help users protect sensitive conversations with a custom password on...
Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs...
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian...
Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
The most recent Gcore Radar report and its aftermath have highlighted a dramatic increase in DDoS attacks across multiple industries....
Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code...
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it...
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign-Based Agents
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective...
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign-Based Agents
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective...
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it...
Zyxel warns of multiple critical vulnerabilities in NAS devices
Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on...
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks....
Staples confirms cyberattack behind service outages, delivery issues
Image: Stan Zemanek (CC BY-SA 3.0) American office supply retailer Staples took down some of its systems earlier this week after...
FjordPhantom Android malware uses virtualization to evade detection
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade...
WhatsApp’s new Secret Code feature hides your locked chats
WhatsApp has introduced a new Secret Code feature that allows users to hide their locked chats by setting a custom...
LogoFAIL bugs in UEFI code allow planting bootkits via images
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they...
US govt sanctions North Korea’s Kimsuky hacking group
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence...
Get 20% off Emsisoft’s Enterprise Security EDR solution for the holidays
Emsisoft is having a holiday deal where you can get 20% off 1-year licenses of the Emsisoft Enterprise Security EDR solution through...
