Collaborate Disseminate
Over 1,700 Ivanti Connect Secure VPN devices worldwide have been compromised by attackers exploiting two zero-days with no patches currently available. “Additional threat actors beyond UTA0178 appear to now have access to the exploit and are acti… Continue reading 1,700 Ivanti VPN devices compromised. Are yours among them?
Rapid7 has announced its newest innovation in artificial intelligence (AI)-driven threat detection for the cloud. Now available in early access to select Rapid7 customers, this enhancement improves SOC teams’ visibility and response time to cyber threa… Continue reading Rapid7 introduces AI-powered cloud anomaly detection
Rapid7’s Jaya Baloo says a deficit in Australian organisational IT asset and vulnerability understanding is helping threat actors, and this is being exacerbated by fast growth in multicloud environments. Continue reading Leading CISO Wants More Security Proactivity in Australian Businesses to Avoid Attack ‘Surprises’
A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft’s threat analysts have pinpointed. About the vulnerability CVE-2023-22515 was initially classified as a c… Continue reading Critical Atlassian Confluence vulnerability exploited by state-backed threat actor
Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS. Continue reading Patch Tuesday, October 2023 Edition
Atlassian has fixed a critical zero-day vulnerability (CVE-2023-22515) in Confluence Data Center and Server that is being exploited in the wild. “Atlassian has been made aware of an issue reported by a handful of customers where external attacker… Continue reading Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP Server, another popular secure file transfer solution. Proof-of-concept code … Continue reading Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)
Software development firm JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) solution, which may allow authenticated attackers to achieve remote code execution and gain c… Continue reading Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)
A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access to vulnerable internet-exposed devices. “This vulnerability was found du… Continue reading Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)
Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. “In some cases, adversaries have conducted credential stuffing attacks that… Continue reading Cisco VPNs with no MFA enabled hit by ransomware groups