Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks

Fortinet has warned customers that the critical CVE-2023-27997 vulnerability that was patched recently could be a zero-day exploited in limited attacks.
The post Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks appeared first … Continue reading Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks

Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations

A zero-day vulnerability in Progress Software’s MOVEit Transfer product has been exploited to hack organizations and steal their data.
The post Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations appeared first on Secur… Continue reading Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations

Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery

The recently discovered Barracuda zero-day vulnerability CVE-2023-2868 has been exploited to deliver malware and steal data since at least October 2022.
The post Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery appeared firs… Continue reading Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery

Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances

Barracuda Networks is warning customers about CVE-2023-2868, a zero-day exploited to hack some Email Security Gateway (ESG) appliances.
The post Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances appeared first on Secu… Continue reading Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances

Microsoft Secure Boot Bug

Microsoft is currently patching a zero-day Secure-Boot bug.

The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC begins loading Windows and its many security protections. Secure Boot has been enabled by default for over a decade on most Windows PCs sold by companies like Dell, Lenovo, HP, Acer, and others. PCs running Windows 11 must have it enabled to meet the software’s system requirements.

Microsoft says that the vulnerability can be exploited by an attacker with either physical access to a system or administrator rights on a system. It can affect physical PCs and virtual machines with Secure Boot enabled…

Continue reading Microsoft Secure Boot Bug