Mar 25, 2023Ravie LakshmananEnterprise Security / Microsoft Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) … [Read more...] about Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
exploited
Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
Mar 14, 2023Ravie LakshmananNetwork Security / Cyber Attack Government entities and large organizations have been targeted by an unknown threat actor by exploiting a security flaw in Fortinet FortiOS software to result in data loss and OS and file corruption. "The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or … [Read more...] about Fortinet FortiOS Flaw Exploited in Targeted Cyberattacks on Government Entities
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
Jan 20, 2023Ravie LakshmananFirewall / Network Security A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the exploitation occurred … [Read more...] about Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers
Dec 08, 2022Ravie LakshmananPatch Management / Zero-Day An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor to target South Korean users by capitalizing on the recent Itaewon Halloween crowd crush to trick users into downloading malware. The discovery, reported by Google Threat Analysis Group researchers Benoît Sevens and Clément … [Read more...] about Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2021-35587, carries a CVSS score of 9.8 and impacts Oracle Access Manager (OAM) versions 11.1.2.3.0, 12.2.1.3.0, and … [Read more...] about CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two newly disclosed zero-day flaws in a limited set of attacks aimed at less than 10 organizations globally. "These attacks installed the Chopper web shell to facilitate hands-on-keyboard access, which the attackers used to perform … [Read more...] about State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released
Security software company Sophos has released a patch update for its firewall product after it was discovered that attackers were exploiting a new critical zero-day vulnerability to attack its customers' network. The issue, tracked as CVE-2022-3236 (CVSS score: 9.8), impacts Sophos Firewall v19.0 MR1 (19.0.1) and older and concerns a code injection vulnerability in the User … [Read more...] about Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released
Microsoft patches 64 vulnerabilities, one being exploited
Microsoft’s vulnerability hunters have presented a fresh catch: 64 vulnerabilities in its various products and services — five of which are critical. Two vulnerabilities were publicly disclosed before the patch was released (which technically makes them zero-days), and one is being actively exploited by attackers. As usual, we recommend installing updates with no delay. In the … [Read more...] about Microsoft patches 64 vulnerabilities, one being exploited
Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild
Atlassian on Friday rolled out fixes to address a critical security flaw affecting its Confluence Server and Data Center products that have come under active exploitation by threat actors to achieve remote code execution. Tracked as CVE-2022-26134, the issue is similar to CVE-2021-26084 — another security flaw the Australian software company patched in August 2021. Both relate … [Read more...] about Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild
Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild
Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 (CVSS score: 6.5), the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution. "A successful … [Read more...] about Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild