Apache ActiveMQ vulnerability used in ransomware attacks
A remote code execution vulnerability in Apache ActiveMQ is being used by the HelloKItty ransomware group.
Read morecisa
CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it?
Categories: Exploits and vulnerabilities Categories: News Tags: CISA Tags: KEV Tags: catalog Tags: vulnerabilities Tags: prioritize The CISA Known Exploited Vulnerabilities catalog has grown to cover more than 1,000 vulnerabilities since its launch in November 2021. |
The post CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it? appeared first on Malwarebytes Labs.
Read moreA Closer Look at the Snatch Data Ransom Group
Credit to Author: BrianKrebs| Date: Sat, 30 Sep 2023 19:47:57 +0000
Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.
Read moreTwo Apple issues added by CISA to its catalog of known exploited vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: Blastpass Tags: citizenlab Tags: pegasus Tags: nso Tags: cisa Tags: apple Tags: cve-2023-41064 Tags: cve-2023-41061 Tags: buffer overflow CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities. |
The post Two Apple issues added by CISA to its catalog of known exploited vulnerabilities appeared first on Malwarebytes Labs.
Read moreZimbra issues awaited patch for actively exploited vulnerability
Categories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZCS Tags: CVE-2023-38750 Tags: CISA Tags: CVE-2023-0464 Tags: TAG Tags: XSS Tags: JSP Tags: XML Tags: Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. |
The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.
Read moreReducing your attack surface is more effective than playing patch-a-mole
Categories: News Tags: CISA Tags: BOD 23-02 Tags: Internet exposed Tags: management interfaces Tags: vulnerabilities Tags: CVE-2023-27992 Tags: CVE-2023-20887 There is a lot to be said for the strategy of shielding management interfaces from public internet access |
The post Reducing your attack surface is more effective than playing patch-a-mole appeared first on Malwarebytes Labs.
Read moreLockBit ransomware advisory from CISA provides interesting insights
Categories: News Categories: Ransomware Tags: CISA Tags: LockBit Tags: stats Tags: RaaS A joint advisory published by CISA, the FBI and many others shows some interesting stats that align with data found by Malwarebytes. |
The post LockBit ransomware advisory from CISA provides interesting insights appeared first on Malwarebytes Labs.
Read moreCISA Order Highlights Persistent Risk at Network Edge
Credit to Author: BrianKrebs| Date: Thu, 15 Jun 2023 15:40:09 +0000
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.
Read more