Tag: TopCVE2023

CVE-2023-22518 Detection: Exploitation of a New Critical Vulnerability in Atlassian Confluence Leads to Cerber Ransomware Deployment 
CVE-2023-22518 Detection: Exploitation of a New Critical Vulnerability in Atlassian Confluence Leads to Cerber Ransomware Deployment 

Just over a month after the disclosure of a critical Confluence zero-day tracked as CVE-2023-22515, a novel vulnerability emerges in the cyber threat arena impacting Atlassian products. Adversaries are setting eyes on a recently fixed and maximum severity vulnerability known as CVE-2023-22518 in all versions of Confluence Data Center and Confluence Server, which enables them […]

Read More
CVE-2023-46604 Detection: HelloKitty Ransomware Maintainers Exploits RCE Vulnerability in Apache ActiveMQ
CVE-2023-46604 Detection: HelloKitty Ransomware Maintainers Exploits RCE Vulnerability in Apache ActiveMQ

At the turn of November, hot over the heels of disclosing CVE-2023-43208, the Mirth Connect vulnerability, another security bug comes to the scene. Defenders notify the global community of a newly uncovered the highest severity RCE bug that affects Apache ActiveMQ products. Detect CVE-2023-46604 With emerging vulnerabilities being a juicy target for adversaries seeking to […]

Read More
Detect CVE-2023-28252 & CVE-2023-21554 Exploitation Attempts: Windows Zero-Day Actively Used in Ransomware Attacks and a Critical RCE Flaw
Detect CVE-2023-28252 & CVE-2023-21554 Exploitation Attempts: Windows Zero-Day Actively Used in Ransomware Attacks and a Critical RCE Flaw

With a growing number of zero-day flaws affecting widely used software products, proactive detection of vulnerability exploitation has been among the most prevalent security use cases since 2021.  Microsoft has recently issued a series of security updates relevant to critical flaws affecting its products, including a patch for a zero-day actively exploited in the wild […]

Read More
Detect CVE-2023-23397 Exploits: Critical Elevation of Privilege Vulnerability in Microsoft Outlook Leveraged in the Wild to Target European Government and Military
Detect CVE-2023-23397 Exploits: Critical Elevation of Privilege Vulnerability in Microsoft Outlook Leveraged in the Wild to Target European Government and Military

Security heads-up for cyber defenders! Microsoft has recently fixed a critical elevation of privilege vulnerability (CVE-2023-23397) affecting Microsoft Outlook for Windows that allows adversaries to dump hash passwords from targeted instances. Notably, the flaw has been exploited in the wild as a zero-day since April 2022, being utilized in cyber-attacks against the government, military, and […]

Read More
CVE-2023-24055 Detection: Notorious Vulnerability in KeePass Potentially Exposing Cleartext Passwords
CVE-2023-24055 Detection: Notorious Vulnerability in KeePass Potentially Exposing Cleartext Passwords

Stay alert! Security researchers have discovered a notorious vulnerability posing a serious threat to users of a popular password manager KeePass. A security flaw, tracked as CVE-2023-24055, might affect KeePass version 2.5x, potentially allowing attackers to obtain stored passwords in cleartext.  CVE-2023-24055 Detection With proof-of-concept (PoC) exploit available, and in view that KeePass is one […]

Read More