Collaborate Disseminate
Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (CV… Continue reading Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)
A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the Norwegian National Security Authority (NSM) has confirmed on Tuesday. What is… Continue reading Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)
The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market research company KonBriefing Research. The cyber extortion group has lately sw… Continue reading Has the MOVEit hack paid off for Cl0p?
Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have annou… Continue reading Thanks Storm-0558! Microsoft to expand default access to cloud logs
A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom… Continue reading Malware delivery to Microsoft Teams users made easy
An authentication bypass vulnerability (CVE-2023-26258) in the Arcserve Unified Data Protection (UDP) enterprise data protection solution can be exploited to compromise admin accounts and take over vulnerable instances, MDSec researchers Juan Manuel Fe… Continue reading PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)
Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users fro… Continue reading Microsoft Teams vulnerability allows attackers to deliver malware to employees
CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation… Continue reading VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)
The following is a list of personal email address accounts and XMPP account IDs known to belong to Maksim Viktorovich… Continue reading A List of Personally Identifiable Email Address Accounts and XMPP Account IDs on Maksim Viktorovich Yakubets (Aqua) and Members of EvilCorp’s Cybercrime Enterprise
VMware has fixed two critical (CVE-2023-20887, CVE-2023-20888) and one important vulnerability (CVE-2023-20889) in Aria Operations for Networks (formerly vRealize Network Insight), its popular enterprise network monitoring tool. About the vulnerabiliti… Continue reading VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887)