Months after NSA disclosed Microsoft cert bug, datacenters remain unpatched

Most Windows-powered datacenter systems and applications remain vulnerable to a spoofing bug in CryptoAPI that was disclosed by the NSA and the UK National Cyber Security Center (NCSC) and patched by Microsoft last year, according to Akamai’s researchers. CryptoAPI helps Read More …

New wave of attacks use ProxyNotShell/OWASSRF vulnerabilities to target Microsoft Exchange

Researchers at S.C. Bitdefender SRL today warned of a new wave of attacks using known vulnerabilities to target Microsoft Exchange. The researchers started to notice an increase in attacks using ProxyNotShell/OWASSRF exploits to target on-premises Microsoft Exchange deployments at the Read More …

Apple fixes actively exploited iOS zero-day on older iPhones, iPads

Apple has backported security patches addressing a remotely exploitable zero-day vulnerability to older iPhones and iPads. This bug is tracked as CVE-2022-42856, and it stems from a type confusion weakness in Apple’s Webkit web browser browsing engine. Read more… Source: Read More …

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses a significant risk to the federal enterprise. Note: Read More …

Suspected Chinese Threat Actors Exploiting FortiOS Vulnerability (CVE-2022-42475)

Mandiant is tracking a suspected China-nexus campaign believed to have exploited a recently announced vulnerability in Fortinet’s FortiOS SSL-VPN, CVE-2022-42475, as a zero-day. Evidence suggests the exploitation was occurring as early as October 2022 and identified targets include a European Read More …

Thousands of Sophos firewalls still vulnerable out there to hijacking

More than 4,000 public-facing Sophos firewalls remain vulnerable to a critical remote code execution bug disclosed last year and patched months later, according to security researchers. The flaw, CVE-2022-3236, had already been exploited as a zero-day when Sophos published a Read More …

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) advisories on January 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical Read More …

Hackers exploit Cacti critical bug to install malware, open reverse shells

More than 1,600 instances of the Cacti device monitoring tool reachable over the internet are vulnerable to a critical security issue that hackers have already started to exploit. Cacti is an operational and fault management monitoring solution for network devices Read More …

CISA Releases Twelve Industrial Control Systems Advisories

CISA released twelve Industrial Control Systems (ICS) advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical Read More …