On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) catalog, adding three identified security flaws currently under active exploitation. This action underscores the ongoing priority for organizations to remain vigilant and address vulnerabilities promptly to protect their systems. The newly cataloged vulnerabilities include…
In 2023, the cloud has transformed into a critical battleground in the sphere of cybersecurity, marked by emerging threats such as Zenbleed, targeted Kubernetes attacks, and sophisticated advanced persistent threats (APTs). This evolving landscape underscores the pressing need for organizations to bolster their cloud security strategies. To navigate these challenges,…
As the digital landscape continues to evolve, security leaders find themselves facing an increasingly complex attack environment characterized by interconnected devices, cloud services, IoT technologies, and hybrid work arrangements. Cyber adversaries are perpetually refining their strategies, employing new techniques to exploit vulnerabilities. Notably, many organizations, regardless of size, may lack…
A significant cybersecurity threat has emerged as the Kinsing group exploits a severe vulnerability in Apache ActiveMQ servers, leading to infections of Linux systems with cryptocurrency miners and rootkits. This critical flaw is identified as CVE-2023-46604, categorized as having a maximum CVSS score of 10.0, which allows remote code execution.…
Recent cybersecurity alerts highlight the exploitation of a critical vulnerability in Citrix NetScaler application delivery control (ADC) and Gateway appliances by numerous threat actors, including affiliates of the notorious LockBit ransomware group. This new wave of attacks takes advantage of CVE-2023-4966, a severe flaw that has allowed adversaries to infiltrate…
A recent cybersecurity incident involving a North Korean state-sponsored group known as Diamond Sleet has emerged as a significant threat to businesses. This group has been distributing a compromised version of a legitimate application developed by the Taiwanese company CyberLink, leveraging a supply chain attack to target downstream customers. According…
A recent malware campaign has emerged, exploiting two zero-day vulnerabilities that enable remote code execution (RCE) to integrate routers and video recording devices into a Mirai-based distributed denial-of-service (DDoS) botnet. According to an advisory from Akamai, “The payload specifically targets routers and network video recorders (NVRs) with default admin credentials,…
A recent phishing campaign has surfaced, utilizing a Russian-language Microsoft Word document as a vehicle for deploying malware designed to extract sensitive data from compromised Windows systems. This attack has been linked to a threat actor known as Konni, which exhibits connections to the North Korean cyber espionage group identified…
Recent advisories from the maintainers of ownCloud have revealed three critical vulnerabilities within their open-source file-sharing software that could lead to unauthorized access, data modification, and exposure of sensitive information. These vulnerabilities pose significant risks to users and require immediate attention. The first flaw, identified as CVE-2023-49103, boasts a CVSS…
