RSS Reader for Computer Security Articles
Categories: Exploits and vulnerabilities Categories: News Tags: Ivanti Tags: EPMM Tags: MobileIron Tags: CVE-2023-35081 Tags: CVE-2023-35078 Tags: tomcat Tags: arbitrary file write Tags: ACL Tags: upgrade Ivanti has issued a patch to address a second critical zero-day vulnerability |
The post Ivanti patches second zero-day vulnerability being used in attacks appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Barracuda Tags: ESG Tags: CVE-2023-2868 Tags: SUBMARINE Tags: SEASPY Tags: shell CISA has released three reports based on the analysis of backdoors planted on compromised Barracuda ESG appliances |
The post Compromised Barracuda appliances equipped with persistent backdoors by attackers appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZCS Tags: CVE-2023-38750 Tags: CISA Tags: CVE-2023-0464 Tags: TAG Tags: XSS Tags: JSP Tags: XML Tags: Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. |
The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Norwegian ministries Tags: ivanti Tags: EPMM Tags: MobileIron Tags: CVE-2023-35078 Tags: patch A patch is now available for an Ivanti EPMM vulnerability that was used in a cyberattack on the ICT platform which is relied upon by a dozen Norwegian ministries. |
The post Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: WebKit Tags: CVE-2023-38606 Tags: CVE-2023-32409 Tags: CVE-2023-37450 Tags: CVE-2023-32416 Apple has released security updates for several products to address several serious vulnerabilities including some actively exploited zero-days. |
The post Update now! Apple fixes several serious vulnerabilities appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Citrix Tags: NetScaler Tags: CVE-2023-3519 Tags: web shell A critical unauthenticated remote code execution vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway is being actively exploited |
The post CISA: You’ve got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519 appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Researchers have uncovered a privilege escalation vulnerability in Google Cloud Build that could enable malicious actors tamper with application images and infect users. |
The post Google fixes “Bad.Build” Cloud Build flaw, researchers say it’s not enough appeared first on Malwarebytes Labs.
Read MoreCategories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: MalasLocker Tags: vulnerability Tags: Google Tags: actively exploited Tags: fn:escapeXml Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild. |
The post Act now! In-the-wild Zimbra vulnerability needs a workaround appeared first on Malwarebytes Labs.
Read More