CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-28810 Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability CVE-2022-33891 Apache Spark Command Injection Vulnerability Read more… Source: U.S. Cybersecurity and Infrastructure Read More …

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on March 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical Read More …

Subdomain Reputation: Detecting Malicious Subdomains of Public Apex Domains

Cybercriminals regularly leverage popular dynamic domain name system (DDNS) or web hosting services to store and distribute their content. Threat actors leverage these for command and control (C2), malware distribution and phishing. This abuse has created the need for new Read More …

CISA Adds Three Known Exploited Vulnerabilities to Catalog

ISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-47986 IBM Aspera Faspex Code Execution Vulnerability CVE-2022-41223 Mitel MiVoice Connect Code Injection Vulnerability CVE-2022-40765 Mitel MiVoice Connect Command Injection Vulnerability Read Read More …

CISA Releases Fifteen Industrial Control Systems Advisories

CISA released fifteen (15) Industrial Control Systems (ICS) advisories on February 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for Read More …

Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack

A new malware dubbed ‘ProxyShellMiner’ exploits the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners throughout a Windows domain to generate profit for the attackers. ProxyShell is the name of three Exchange vulnerabilities discovered and fixed by Microsoft in 2021. Read More …

Mirai Variant V3G4 Targets IoT Devices

From July to December 2022, Unit 42 researchers observed a Mirai variant called V3G4, which was leveraging several vulnerabilities to spread itself. The vulnerabilities exploited include the following: CVE-2012-4869: FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability Read More …

Hyundai and Kia issue software upgrades to thwart killer TikTok car theft hack

Korean car-makers Hyundai and Kia will issue software updates to some of their models after a method of stealing them circulated on TikTok, leading to many thefts and even some deaths. The “Kia Challenge” started circulating in mid-2022 and explained Read More …

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive Read More …