A critical vulnerability impacting Citrix NetScaler ADC and Gateway products tracked as CVE-2023-4966 is actively exploited in real-world attacks despite its patching in October 2023. Due to a surge in LockBit 3.0 ransomware attacks weaponizing this flaw dubbed Citrix Bleed vulnerability, CISA and FBI, in collaboration with other international authorities, recently released a joint advisory […]
Vulnerabilities affecting popular software products, like Zimbra Collaboration Suite (ZCS), continuously expose organizations in multiple industry vectors, including the public sector, to increasing risks. Defenders exposed a minimum of four offensive operations employing a Zimbra zero-day vulnerability tracked as CVE-2023-37580, specifically designed to extract sensitive data from government entities across multiple countries. Detect CVE-2023-37580 Exploitation […]
CERT-UA researchers have recently published a novel heads-up that covers ongoing phishing attacks against Ukraine involving distribution of Remcos RAT. The group in charge of this offensive campaign, which involves massively distributing spoofing emails with a false sender identity masquerading as the Security Service of Ukraine, is tracked as UAC-0050. UAC-0050 Attack Analysis Covered in […]
This November, a set of new zero-days in the popular software products are emerging in the cyber domain, like CVE-2023-22518 affecting all versions of Confluence Data Center and Server. Shortly after its disclosure, another zero-day flaw in SysAid IT software tracked under CVE-2023-47246 comes to the scene. Microsoft revealed traces of vulnerability exploitation, with the […]
Organizations have to constantly struggle with an avalanche of threats while relying on a straightforward and proactive method to dynamically assess the performance of their security programs. Introducing a threat-informed defense strategy empowers organizations to focus on known threats and dynamically test defenses by equipping teams with better data and insights into their security program […]
The increasing menace posed by nation-state actors continuously increases with new sophisticated attack methods adopted by APT collectives and a massive shift towards stealthiness & operational security. Recently, security researchers revealed a destructive campaign against Israeli organizations launched by an Iran-affiliated hacker group dubbed Agonizing Serpens (aka Agrius, BlackShadow). The main objective of this offensive […]
In the last five years, Chinese nation-backed offensive campaigns have evolved into more sophisticated, stealthy, and well-coordinated threats as compared to previous years. This transformation is characterized by the extensive exploitation of zero-days and known vulnerabilities in publicly accessible security and network instances. Additionally, there is a stronger focus on operational security, aimed at reducing […]
Just over a month after the disclosure of a critical Confluence zero-day tracked as CVE-2023-22515, a novel vulnerability emerges in the cyber threat arena impacting Atlassian products. Adversaries are setting eyes on a recently fixed and maximum severity vulnerability known as CVE-2023-22518 in all versions of Confluence Data Center and Confluence Server, which enables them […]
At the turn of November, hot over the heels of disclosing CVE-2023-43208, the Mirth Connect vulnerability, another security bug comes to the scene. Defenders notify the global community of a newly uncovered the highest severity RCE bug that affects Apache ActiveMQ products. Detect CVE-2023-46604 With emerging vulnerabilities being a juicy target for adversaries seeking to […]
Vulnerabilities affecting popular software expose thousands of organizations in diverse industry sectors to severe threats. October has been rich in uncovering critical security flaws in widely used software products, like CVE-2023-4966, a hazardous Citrix NetScaler vulnerability, and CVE-2023-20198 zero-day affecting Cisco IOS XE. In the last decade of October 2023, defenders warned the global community […]