Internet Security

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog

September 9, 2023 add comment
US CISA added critical vulnerability CVE-2023-33246 in Apache RocketMQ to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-33246 (CVSS score 9.8) affecting Apache RocketMQ... Read more »

Ragnar Locker gang leaks data stolen from the Israel’s Mayanei Hayeshua hospital

September 9, 2023 add comment
The Ragnar Locker ransomware gang added Israel’s Mayanei Hayeshua hospital to the list of victims on its Tor leak site The Ragnar Locker ransomware gang claimed responsibility for an... Read more »

North Korea-linked threat actors target cybersecurity experts with a zero-day

September 8, 2023 add comment
North Korea-linked threat actors associated with North Korea exploited a zero-day flaw in attacks against cybersecurity experts. North Korea-linked threat actors were observed exploiting a zero-day vulnerability in an... Read more »

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

September 8, 2023 add comment
A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance... Read more »

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

September 8, 2023 add comment
U.S. CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state... Read more »

Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

September 8, 2023 add comment
Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws... Read more »

Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs

September 7, 2023 add comment
Apple rolled out emergency security updates to address two new actively exploited zero-day vulnerabilities impacting iPhones and Macs. The two Apple zero-day vulnerabilities, tracked as CVE-2023-41064 and CVE-2023-41061, reside... Read more »

A malvertising campaign is delivering a new version of the macOS Atomic Stealer

September 7, 2023 add comment
Researchers spotted a new malvertising campaign targeting Mac users with a new version of the macOS stealer Atomic Stealer. Malwarebytes researchers have observed a new malvertising campaign distributing an... Read more »

Two flaws in Apache SuperSet allow to remotely hack servers

September 7, 2023 add comment
A couple of security vulnerabilities in Apache SuperSet could be exploited by an attacker to gain remote code execution on vulnerable systems. Apache Superset is an open-source Data Visualization and Data... Read more »

Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake

September 7, 2023 add comment
Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. In July, Microsoft announced it had mitigated... Read more »
Subscribe to our Newsletter