2023

Critical Citrix Vulnerabilities Lead to Widespread Cybersecurity Breaches

Multiple Citrix NetScaler ADC and Gateway servers have been compromised by attackers using a critical code injection vulnerability identified as CVE-2023-3519, reports the Shadowserver Foundation. This vulnerability, which Citrix addressed in a recent update, has a high severity rating of 9.8. The attacks mainly target servers in Germany, France, Switzerland, Italy, Sweden, Spain, Japan, China, …

Russian Hackers Target Global Organizations Through Microsoft Teams

Since May 2023, a Russian hacker group known as APT29, Midnight Blizzard, UNC2452, or Cozy Bear, allegedly linked to Russia’s Foreign Intelligence Service (SVR), has been targeting international organizations, including government agencies, NGOs, IT service providers, technology, and media companies, using Microsoft Teams. Microsoft disclosed that the attacks involved social engineering tactics, primarily phishing campaigns …

Mullvad’s Alert: Uncovering VPN Privacy Leaks in Android Devices

Mullvad, a VPN provider, has identified a privacy concern for Android users: devices may inadvertently leak information when connected to VPNs. This issue arises because Android performs connectivity checks outside the VPN tunnel, even with the “Block connections without VPN” security feature enabled. These checks, designed for functions like authenticating on captive portals, occur independently …

Securing the Digital Horizon: Protecting Apache Tomcat Servers from Emerging Cyber Threats

Apache Tomcat, a widely used open-source server, provides support for Jakarta Servlet, Expression Language, and WebSocket technologies in a Java-based HTTP web server environment. It’s particularly popular among developers, with an adoption rate of about 50%, and plays a significant role in cloud services, big data, and web development. However, a new threat has been identified by …

Major Vulnerabilities in Ubuntu’s OverlayFS Threaten Server Security

Two critical vulnerabilities in Ubuntu’s OverlayFS module are endangering numerous server systems. Administrators are advised to promptly update the kernel modules. Security researchers from Wiz have discovered two easily exploitable vulnerabilities in a module of the Linux distribution Ubuntu, which facilitates the use of the OverlayFS filesystem. According to a blog post they published yesterday, …

Critical Security Flaw in OpenSSH Patched: Remote Command Execution Risk Averted

A recently identified and now rectified vulnerability in OpenSSH had raised concerns due to its potential for remote exploitation under certain conditions. Saeed Abbasi, a leading expert in vulnerability research at Qualys, highlighted in a recent analysis that this flaw could have allowed attackers to execute arbitrary commands on systems with vulnerable versions of OpenSSH’s …

Critical Security Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Hacking Threats

Two recently discovered security flaws in the AMI MegaRAC Baseboard Management Controller (BMC) software present critical risks. These vulnerabilities, if exploited, enable remote attackers to gain control over vulnerable servers and deploy malware. The severity of these flaws ranges from high to critical, including unauthenticated remote code execution and unauthorized access with superuser privileges. Attackers …

Global Security Alert: Over 15,000 Citrix Servers Vulnerable to Exploitation Despite Available Patches

Despite the availability of patches, approximately 15,000 Citrix servers accessible over the internet remain unprotected against known security vulnerabilities. Citrix warned about three actively exploited weaknesses in its NetScaler ADC and NetScaler Gateway products last week. One of these, CVE-2023-3519, rated critical with a CVSS score of 9.8, allows attackers to execute malicious code (RCE) …

Key Compromise Exposes Major Security Flaw in Microsoft Azure: Global Applications at Risk

The recent security breach involving Microsoft’s email infrastructure was carried out by a Chinese nation-state actor known as Storm-0558. This attack has been revealed to have a broader impact than initially thought. According to Wiz, a cloud security company, the adversaries utilized an inactive Microsoft account (MSA) consumer signing key to forge Azure Active Directory …

FIN8 Cyber Group Escalates Threats with Advanced BlackCat Ransomware via Sardonic Backdoor

The cybercrime group FIN8, known for financially motivated attacks, has recently updated its malicious software toolkit. The Symantec Threat Hunter Team reported in December 2022 that FIN8 is now deploying BlackCat ransomware through an upgraded version of their Sardonic backdoor. Analysis of the Sardonic Variant: Experts have found that FIN8 continuously enhances their malware and …
