Internet Security

CISA adds Chrome and Citrix NetScaler to its Known Exploited Vulnerabilities catalog

January 18, 2024 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its... Read more »

Google TAG warns that Russian COLDRIVER APT is using a custom backdoor

January 18, 2024 add comment
Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. The ColdRiver APT (aka “Seaborgium“, “Callisto”, “Star Blizzard”, “TA446”) is a Russian... Read more »

PixieFail: Nine flaws in UEFI open-source reference implementation could have severe impacts

January 18, 2024 add comment
Experts found multiple flaws, collectively named PixieFail, in the network protocol stack of an open-source reference implementation of the UEFI. Quarkslab researchers discovered nine vulnerabilities, collectively tracked as e PixieFAIL, affecting... Read more »

iShutdown lightweight method allows to discover spyware infections on iPhones

January 18, 2024 add comment
Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS devices have been infected with spyware. Cybersecurity researchers from Kaspersky have identified a “lightweight method,” called iShutdown, to identify the presence... Read more »

Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos

January 17, 2024 add comment
Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Switzerland believes that the cyberattack carried out by... Read more »

Github rotated credentials after the discovery of a vulnerability

January 17, 2024 add comment
GitHub rotated some credentials after the discovery of a flaw that allowed access to the environment variables of a production container. After GitHub became aware of a vulnerability through... Read more »

FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation

January 17, 2024 add comment
U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI)... Read more »

Citrix warns admins to immediately patch NetScaler for actively exploited zero-days

January 17, 2024 add comment
Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances. Citrix warns customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as... Read more »

Atlassian fixed critical RCE in older Confluence versions

January 16, 2024 add comment
Atlassian warns of a critical remote code execution issue in Confluence Data Center and Confluence Server that impacts older versions. Atlassian warns of a critical remote code execution vulnerability,... Read more »

Google fixed the first actively exploited Chrome zero-day of 2024

January 16, 2024 add comment
Google has addressed the first Chrome zero-day vulnerability of the year that is actively being exploited in the wild. Google has released security updates to address the first Chrome... Read more »
Subscribe to our Newsletter