Zero Day – Page 10 – WindowsTechs.com

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

Posted on July 31, 2023 by Eduard Kovacs

Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks.
The post Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks appeared first on SecurityWeek.
Continue reading Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks→

Zimbra Patches Exploited Zero-Day Vulnerability

Posted on July 28, 2023 by Ionut Arghire

Zimbra has released patches for a cross-site scripting (XSS) vulnerability that has been exploited in malicious attacks.
The post Zimbra Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.
Continue reading Zimbra Patches Exploited Zero-Day Vulnerability→

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government

Posted on July 25, 2023 by Eduard Kovacs

An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government.
The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek.
Continue reading Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government→

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day

Posted on July 24, 2023 by Paul Ducklin

Another month, another patch for in-the-wild iPhone malware (and a whole lot more). Continue reading Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day→

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks

Posted on July 24, 2023 by Ryan Naraine

Apple patches another zero-day flaw used in the ‘Operation Triangulation’ exploit chain. iOS and macOS-powered devices are affected.
The post Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks appeared first on SecurityWee… Continue reading Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks→

Citrix Zero-Day Exploited Against Critical Infrastructure Organization

Posted on July 21, 2023 by Eduard Kovacs

CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.
The post Citrix Zero-Day Exploited Against Critical Infrastructure Organization appeared first on SecurityWeek.
Continue reading Citrix Zero-Day Exploited Against Critical Infrastructure Organization→

S3 Ep144: When threat hunting goes down a rabbit hole

Posted on July 20, 2023 by Paul Ducklin

Latest episode – check it out now! Continue reading S3 Ep144: When threat hunting goes down a rabbit hole→

Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned

Posted on July 19, 2023 by Eduard Kovacs

Citrix has patched several vulnerabilities, including CVE-2023-3519, a critical remote code execution zero-day that has been exploited in attacks.
The post Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned appeared first on S… Continue reading Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned→

Zimbra Collaboration Suite warning: Patch this 0-day right now (by hand)!

Posted on July 14, 2023 by Paul Ducklin

Zimbra didn’t actually say, “Do not delay/Do it today,” but they did say, “We kindly request your cooperation to apply the fix manually.” Continue reading Zimbra Collaboration Suite warning: Patch this 0-day right now (by hand)!→

Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day

Posted on July 14, 2023 by Eduard Kovacs

Google researchers have discovered that a Zimbra zero-day vulnerability has been exploited in the wild, with users being advised to manually patch their installations.
The post Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day ap… Continue reading Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day→