Threat actors frequently set eyes on Microsoft SharePoint Server products by weaponizing a set of RCE vulnerabilities, such as CVE-2022-29108 and CVE-2022-26923. In the early summer of 2023, Microsoft issued a patch for the newly discovered SharePoint Server elevation of privilege vulnerability known as CVE-2023-29357 and considered critical. With the CVE-2023-29357 PoC exploit recently released, […]
The new Microsoft Windows Themes security bug tracked as CVE-2023-38146, which enables attackers to perform RCE, emerges in the cyber threat arena. The proof-of-concept (PoC) exploit for this vulnerability, also known as “ThemeBleed,” has recently been released on GitHub, posing a threat to potentially infected Windows instances and arresting the attention of defenders. CVE-2023-38146 Detection […]
Security researchers have issued a stark warning about a critical vulnerability, designated as CVE-2023-4634, which is affecting an alarming number of over 70,000 WordPress sites globally. This vulnerability originates from a security flaw in the WordPress Media Library Assistant Plugin, an extremely popular and widely used plugin within the WordPress community. With this vulnerability already […]
The financial sector, the keystone of the global economy, has become increasingly digitized in recent years. While this transformation brings efficiency and convenience, it also exposes financial institutions to many cybersecurity challenges. Threat actors, ranging from sophisticated hacker groups to opportunistic individuals, are constantly targeting the financial sector, seeking to exploit vulnerabilities for financial gain. […]
The UAC-0057 hacking collective, aka GhostWriter, reemerges in the cyber threat arena by abusing a WinRAR zero-day tracked as CVE-2023-38831 that has been exploited in the wild since April through August 2023. The successful exploitation of CVE-2023-38831 enables attackers to infect the targeted systems with a PicassoLoader variant and Cobalt Strike Beacon malware. Notably, both […]
Adversaries weaponize four newly discovered RCE security flaws in the J-Web component of Junos OS tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-3684. The identified vulnerabilities can be chained together, enabling attackers to execute arbitrary code on the compromised instances. After the disclosure of a PoC exploit for chaining the Juniper JunOS flaws, cyber defenders are […]
Heads up! Cybersecurity experts notify defenders of a zero-day flaw compromising Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Appliances. The flaw tracked as CVE-2023-3519 can lead to RCE and is observed to be actively leveraged by adversaries in the wild with the PoC exploit released to GitHub. Detect CVE-2023-3519 Exploitation Attempts The growing […]
Cybersecurity heads up! After a series of security holes in Pulse Connect Secure SSL VPN appliance affected multiple organizations back in 2021, a new critical zero-day has been recently revealed in Ivanti products. The novel security issue impacting Ivanti Endpoint Manager Mobile (EPMM) enables remote unauthenticated API access to specific paths. By exploiting the flaw, […]
CVE-2023-23397 is a critical elevation of privilege (EoP) vulnerability in Microsoft Outlook with a CVSS base score of 9.8. It was first disclosed on March 14, 2023, and attributed to APT28, also known as Fancy Bear or Strontium – a threat actor associated with the Russian General Staff Main Intelligence Directorate (GRU). The vulnerability is […]
With the ongoing russian cyber offensive operations targeting Ukraine and its allies, the aggressor is continuously launching cyber-espionage campaigns against state bodies and other organizations representing critical infrastructure. Less than a week after CERT-UA researchers warned of a spike in cyber-espionage attacks by russia-linked Shuckworm group, another nefarious hacking group comes back to the scene. […]