Recent intelligence reports have revealed that advanced persistent threat (APT) actors have been actively exploiting a critical vulnerability in the Ivanti Endpoint Manager Mobile (EPMM) since at least April 2023. These attacks have specifically targeted entities in Norway, including governmental networks, prompting urgent advisories from cybersecurity authorities. This information was…
A sophisticated phishing campaign targeting Facebook users has been detected, exploiting a critical zero-day vulnerability within Salesforce’s email services. This exploit enables malicious actors to craft highly tailored phishing messages utilizing Salesforce’s domain and infrastructure, significantly increasing the chances of success. Researchers at Guardio Labs, Oleg Zaytsev and Nati Tal,…
Recent reports indicate that numerous Citrix NetScaler ADC and Gateway servers have suffered breaches orchestrated by cybercriminals deploying web shells. This information comes from the Shadowserver Foundation, which highlights a worrying trend in cybersecurity threats. The attacks exploit CVE-2023-3519, a severe code injection vulnerability that can facilitate unauthenticated remote code…
Microsoft Addresses Security Flaw in Power Platform Amid Criticism for Delayed Response On Friday, Microsoft announced it has remedied a significant security vulnerability affecting its Power Platform, although it faced backlash for not acting more swiftly. This flaw posed a risk of unauthorized access to Custom Code functions utilized in…
In its August 2023 Patch Tuesday updates, Microsoft has addressed a total of 74 vulnerabilities across its software suite, a significant decrease from the 132 vulnerabilities patched in the previous month. Among these, there are six classified as Critical, 67 as Important, and one as Moderate in severity. The latest…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included a newly patched vulnerability affecting Microsoft’s .NET and Visual Studio products in its Known Exploited Vulnerabilities (KEV) catalog. This decision comes in response to evidence indicating that the flaw is actively being exploited in the wild. This vulnerability, tracked…
A recent disclosure has revealed a series of 16 high-severity security vulnerabilities in the CODESYS V3 software development kit (SDK). This suite of flaws could potentially lead to remote code execution and denial-of-service conditions, thereby posing significant risks to operational technology (OT) sectors. The vulnerabilities, tracked from CVE-2022-47378 to CVE-2022-47393…
A significant security vulnerability has been revealed in the URL parsing function of Python, posing a serious risk where attackers could exploit it to circumvent domain and protocol filtering mechanisms that rely on blocklists. This could lead to unauthorized file readings and arbitrary command executions. The CERT Coordination Center (CERT/CC)…
Recent reports indicate that almost 2,000 Citrix NetScaler instances have been compromised through the exploitation of a newly disclosed critical security vulnerability. This backdoor attack forms part of an extensive exploitation campaign targeting these widely used servers. The NCC Group has identified that adversaries leveraged CVE-2023-3519 to automate the deployment…
