Apache ActiveMQ vulnerability used in ransomware attacks
A remote code execution vulnerability in Apache ActiveMQ is being used by the HelloKItty ransomware group.
Read MoreComputer Security Articles
RSS Reader for Computer Security Articles
cisa
CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it?
Categories: Exploits and vulnerabilities Categories: News Tags: CISA Tags: KEV Tags: catalog Tags: vulnerabilities Tags: prioritize The CISA Known Exploited Vulnerabilities catalog has grown to cover more than 1,000 vulnerabilities since its launch in November 2021. |
The post CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it? appeared first on Malwarebytes Labs.
Read MoreA Closer Look at the Snatch Data Ransom Group
Credit to Author: BrianKrebs| Date: Sat, 30 Sep 2023 19:47:57 +0000
Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.
Read MoreTwo Apple issues added by CISA to its catalog of known exploited vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: Blastpass Tags: citizenlab Tags: pegasus Tags: nso Tags: cisa Tags: apple Tags: cve-2023-41064 Tags: cve-2023-41061 Tags: buffer overflow CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities. |
The post Two Apple issues added by CISA to its catalog of known exploited vulnerabilities appeared first on Malwarebytes Labs.
Read MoreZimbra issues awaited patch for actively exploited vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZCS Tags: CVE-2023-38750 Tags: CISA Tags: CVE-2023-0464 Tags: TAG Tags: XSS Tags: JSP Tags: XML Tags: Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. |
The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.
Read MoreReducing your attack surface is more effective than playing patch-a-mole
Categories: News Tags: CISA Tags: BOD 23-02 Tags: Internet exposed Tags: management interfaces Tags: vulnerabilities Tags: CVE-2023-27992 Tags: CVE-2023-20887 There is a lot to be said for the strategy of shielding management interfaces from public internet access |
The post Reducing your attack surface is more effective than playing patch-a-mole appeared first on Malwarebytes Labs.
Read MoreLockBit ransomware advisory from CISA provides interesting insights
Categories: News Categories: Ransomware Tags: CISA Tags: LockBit Tags: stats Tags: RaaS A joint advisory published by CISA, the FBI and many others shows some interesting stats that align with data found by Malwarebytes. |
The post LockBit ransomware advisory from CISA provides interesting insights appeared first on Malwarebytes Labs.
Read MoreCISA Order Highlights Persistent Risk at Network Edge
Credit to Author: BrianKrebs| Date: Thu, 15 Jun 2023 15:40:09 +0000
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.
Read More