VMWare Aria Operations for Networks Multiple Vulnerabilities
Multiple vulnerabilities were identified in VMWare Aria Operations for Networks. A remote attacker could exploit some of these vulnerabilities to...
News
Microsoft Monthly Security Update (July 2023)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesWindows High RiskElevation of Privilege Denial of Service Information Disclosure...
VMWare Aria Operations for Networks Multiple Vulnerabilities
Multiple vulnerabilities were identified in VMWare Aria Operations for Networks. A remote attacker could exploit some of these vulnerabilities to...
Android Multiple Vulnerabilities
Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
Samsung Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
Citrix Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
Ghostscript Remote Code Execution Vulnerability
A vulnerability was identified in Ghostscript. A remote attacker could exploit this vulnerability to trigger remote code execution on the...
Adobe ColdFusion Remote Code Execution Vulnerability
A vulnerability was identified in Adobe ColdFusion. A remote attacker could exploit this vulnerability to trigger remote code execution on...
Apple Products Remote Code Execution Vulnerability
A vulnerability was identified in Apple Products. A remote attacker could exploit this vulnerability to trigger remote code execution on...
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519, CVE-2023-3466, CVE-2023-3467
Description of Problem Multiple vulnerabilities have been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway)....
CISA orders govt agencies to mitigate Windows and Office zero-days
CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based...
Google Cloud Build bug lets hackers launch supply chain attacks
A critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers...
U.S. preparing Cyber Trust Mark for more secure smart devices
A new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose...
New critical Citrix ADC and Gateway flaw exploited as zero-day
Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits...
FIN8 deploys ALPHV ransomware using Sardonic malware variant
A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware...
Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware
Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name...
Strengthening Password Security may Lower Cyber Insurance Premiums
The global cyber insurance market is expected to reach over $20 billion by 2025. However, many organizations are finding it...
IT Security Pro Jailed for Attempted Extortion
A former IT security analyst has been jailed for three years and seven months after attempting to extort his employer,...
WooCommerce Bug Exploited in Targeted WordPress Attacks
Security researchers have recorded over one million attempts to compromise a popular WordPress plugin over the past few days.Wordfence said...
Suspected Scareware Fraudster Arrested After Decade on the Run
A suspected scammer who used scareware to trick hundreds of thousands of global victims into handing over money has been...
CISA Unveils Guide to Aid Firms Transition to Cloud Security
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a comprehensive factsheet on July 17, 2023, to assist businesses...
New Vulnerabilities Found in Adobe ColdFusion
Security researchers from Rapid7 have found active exploitation of multiple vulnerabilities in Adobe ColdFusion, a web development computing platform.On July...
JumpCloud Confirms Data Breach By Nation-State Actor
Identity and access management solutions provider JumpCloud has revealed on July 12, 2023, that it was the target of a security...
drIBAN Fraud Operations Target Corporate Banking Customers
Threat actors have extensively been using a sophisticated web-inject kit called drIBAN to orchestrate fraudulent attacks on corporate banking institutions...
