A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday.
Cybersecurity firm Check Point Software said the bug affects several of its remote access tools, firewalls, and VPNs, which act as digital gatekeepers to protect company networks from unauthorized access.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Update now! JetBrains TeamCity vulnerability abused at scale
March 8, 2024
JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTP(S) access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server. TeamCity is a build management and continuous integration and deployment server ...
- Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix
March 8, 2024
VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws affect customers who have deployed VMware Workstation, VMware Fusion, and/or ...
- Investigating Ivanti Connect Secure VPN Exploitation and Persistence Attempts
February 27, 2024
Mandiant and Ivanti’s investigations into widespread Ivanti zero-day exploitation have continued across a variety of industry verticals, including the U.S. defense industrial base sector. Following the initial publication on Jan. 10, 2024, Mandiant observed mass attempts to exploit these vulnerabilities by a small number of China-nexus threat actors, and development of a mitigation bypass exploit targeting ...
- Malicious Apple Shortcuts could bypass security features to steal data
February 23, 2024
Apple Shortcuts could be used to steal sensitive data from Apple devices due to a high-severity vulnerability. Shortcuts is an app created by Apple that allows users to create customized task workflows on Apple devices and automate processes using a combination of built-in functions. Custom shortcuts can be exported and shared with other users, and shortcuts ...
- “To live is to fight, to fight is to live! – IBM ODM Remote Code Execution
February 22, 2024
In previous blogs, watchTowr researchers discussed some of the big players in the enterprise software space, but there is one that they have not mentioned before, that is – quite frankly – the heavy-weight champion of the world in terms of applications for large enterprises. With over a hundred years of experience, a founder and leader ...
- ClamAV’s VirusEvent Command Injection Vulnerability
February 22, 2024
SonicWall Capture Labs Threat Research Team became aware of the ClamAV VirusEvent command injection vulnerability (CVE-2024-20328), assessed its impact, and developed mitigation measures for the vulnerability. ClamAV is a notable, open-source anti-virus engine, widely recognized for its comprehensive suite of security solutions. It offers an array of features, including web and email scanning capabilities, endpoint security, ...