Recent investigations have uncovered two distinct cyber espionage groups allegedly linked to China: UNC5325 and UNC3886, both exploiting vulnerabilities in Ivanti Connect Secure VPN appliances. UNC5325 is reported to have utilized the critical vulnerability tracked as CVE-2024-21893, distributing various malware strains, including LITTLELAMB.WOOLTEA and PITDOG, among others. According to Mandiant,…
Apple Releases Critical Security Updates to Address Exploited Vulnerabilities Apple has issued new security updates aimed at mitigating significant flaws in its operating systems, including vulnerabilities that have reportedly been exploited in the wild. The updates come in response to the discovery of two critical memory corruption issues affecting the…
Fortinet Alerts Users to Critical Security Vulnerability in FortiClientEMS Fortinet has issued a significant warning regarding a critical vulnerability affecting its FortiClientEMS software. This flaw poses a serious risk as it potentially enables attackers to execute arbitrary code on compromised systems, raising alarms for businesses relying on this software for…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) catalog with three critical security flaws, highlighting their active exploitation in the wild. The vulnerabilities now included are CVE-2023-48788, CVE-2021-44529, and CVE-2019-7256, which pose significant risks to users of affected systems. Among these, CVE-2023-48788,…
In April 2024, Microsoft announced a critical security update addressing an unprecedented 149 vulnerabilities, with two of these flaws identified as actively exploited threats. This latest update categorizes three of the vulnerabilities as Critical, 142 as Important, three as Moderate, and one as Low in severity. Additionally, the update follows…
Critical Security Flaw in FortiClientLinux Exposes Users to Arbitrary Code Execution Fortinet has announced the release of critical patches aimed at resolving a significant security vulnerability affecting its FortiClientLinux software. This flaw, tracked as CVE-2023-45590, has been rated with a CVSS score of 9.4 on a 10-point scale, indicating a…
Cisco has issued a warning regarding a notable increase in brute-force attacks targeting a variety of devices since March 18, 2024. These attacks specifically affect Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services. Cisco Talos reports that the origins of these attacks can largely be traced…
Security experts have raised alarms regarding a series of targeted attacks aimed at unpatched Fortinet VPN devices, impacting industrial enterprises across Europe. These assaults are believed to have facilitated the deployment of a new ransomware variant known as “Cring” within corporate infrastructures. According to a report from cybersecurity firm Kaspersky,…
Cybersecurity experts have identified a new attack campaign that capitalizes on a recently discovered vulnerability in Fortinet FortiClient EMS devices, utilizing ScreenConnect and Metasploit’s Powerfun payloads to execute its malicious intent. This campaign targets CVE-2023-48788, a critical SQL injection vulnerability with a CVSS score of 9.3. This flaw enables unauthorized…
