Collaborate Disseminate
CVE-2023-47246 zero-day vulnerability in SysAid IT service management software has been exploited by Cl0p ransomware affiliates.
The post SysAid Zero-Day Vulnerability Exploited by Ransomware Group appeared first on SecurityWeek.
Continue reading SysAid Zero-Day Vulnerability Exploited by Ransomware Group
The recently patched Apache ActiveMQ vulnerability tracked as CVE-2023-46604 has been exploited as a zero-day since at least October 10.
The post Apache ActiveMQ Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.
Continue reading Apache ActiveMQ Vulnerability Exploited as Zero-Day
Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments.
The post Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day appeared first on SecurityWeek.
Continue reading Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day
The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant.
The post Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant appeared first on SecurityWeek.
Continue reading Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant
Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping.
The post Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops appeared first on Security… Continue reading Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops
Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August.
The post Recent NetScaler Vulnerability Exploited as Zero-Day Since August appeared first on SecurityWeek.
Continue reading Recent NetScaler Vulnerability Exploited as Zero-Day Since August
Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198.
The post Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability appeared first on SecurityWeek.
Continue reading Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability
Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices.
The post Cisco Devices Hacked via IOS XE Zero-Day Vulnerability appeared first on SecurityWeek.
Continue reading Cisco Devices Hacked via IOS XE Zero-Day Vulnerability
Last month Microsoft patched a vulnerability in the Microsoft Kernel Streaming Server, a Windows kernel component used in the virtualization and sharing of camera devices. The vulnerability, CVE-2023-36802, allows a local attacker to escalate privileges to SYSTEM. This blog post details my process of exploring a new attack surface in the Windows kernel, finding a […]
The post Critically Close to Zero(Day): Exploiting Microsoft Kernel Streaming Service appeared first on Security Intelligence.
Continue reading Critically Close to Zero(Day): Exploiting Microsoft Kernel Streaming Service
A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history.
The post ‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History appeared first on SecurityWeek.
Continue reading ‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History