Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs

Categories: Exploits and vulnerabilities

Categories: News

Tags: Ruckus

Tags: CISA

Tags: AndoryuBot

Tags: CVE-2023-25717

Tags: 163.123.142.146

CISA has added a Ruckus vulnerability being abused by the AndoryuBot botnet to its catalog.

(Read more…)

The post Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs appeared first on Malwarebytes Labs.

Read more

Update now! May 2023 Patch Tuesday tackles three zero-days

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: CVE-2023-29336

Tags: CVE-2023-24932

Tags: bootkit

Tags: CVE-2023-29325

Tags: Outlook

Tags: preview

Tags: CVE-2023-24941

Tags: Apple

Tags: Cisco

Tags: Google

Tags: Android

Tags: VMWare

Tags: SAP

Tags: Mozilla

Microsoft’s Patch Tuesday round up for May 2023 includes patches for three zero-day vulnerabilities and one critical remote code execution vulnerability

(Read more…)

The post Update now! May 2023 Patch Tuesday tackles three zero-days appeared first on Malwarebytes Labs.

Read more

Oracle WebLogic Server vulnerability added to CISA list as “known to be exploited”

Categories: Exploits and vulnerabilities

Categories: News

Tags: Oracle

Tags: WebLogic

Tags: CVE-2023-21839

Tags: CVE-2023-1389

Tags: CVE-2021-45046

Tags: CISA

Tags: reverse shell

An easy to exploit vulnerability in Oracle WebLogic Server has been added to the CISA list of things you really, really need to patch.

(Read more…)

The post Oracle WebLogic Server vulnerability added to CISA list as “known to be exploited” appeared first on Malwarebytes Labs.

Read more

APC warns about critical vulnerabilities in online UPS monitoring software

Categories: Exploits and vulnerabilities

Categories: News

Tags: APC

Tags: UPS

Tags: Schneider Electric

Tags: CVE-2023-29411

Tags: CVE-2023-29412

Tags: CVE-2023-29413

In a security notification, APC has warned home and corporate users about critical vulnerabilities in the software used to monitor and control their UPS systems online.

(Read more…)

The post APC warns about critical vulnerabilities in online UPS monitoring software appeared first on Malwarebytes Labs.

Read more

iOS Lockdown Mode effective against NSO zero-click exploit

Categories: Apple

Categories: Exploits and vulnerabilities

Categories: News

Tags: Apple

Tags: Lockdown Mode

Tags: NSO

Tags: PWNYOURHOME

Tags: FINDMYPWN

Tags: LATENTIMAGE

Apple’s Lockdown Mode has shown that it can do what it was designed to do by notifying users about an NSO exploit.

(Read more…)

The post iOS Lockdown Mode effective against NSO zero-click exploit appeared first on Malwarebytes Labs.

Read more

Fancy Bear known to be exploiting vulnerability in Cisco routers

Categories: Exploits and vulnerabilities

Categories: News

Tags: APT28

Tags: Sofacy

Tags: Fancy Bear

Tags: GRU

Tags: Cisco

Tags: CVE–2017-6742

Tags: SNMP

Tags: Jaguar Tooth

A joint advisory about a Cisco vulnerability by several US and UK agencies gives us a peek inside the minds of ideologically motivated cybercriminals

(Read more…)

The post Fancy Bear known to be exploiting vulnerability in Cisco routers appeared first on Malwarebytes Labs.

Read more

Update Chrome now! Google patches actively exploited flaw

Categories: Exploits and vulnerabilities

Categories: News

Tags: Google

Tags: Chrome zero-day

Tags: CVE-2023-2033

Tags: V8 flaw

Tags: V8

Google has released an updated version of Chrome to address a zero-day flaw that is being exploited in the wild.

(Read more…)

The post Update Chrome now! Google patches actively exploited flaw appeared first on Malwarebytes Labs.

Read more

Update now! April’s Patch Tuesday includes a fix for one zero-day

Categories: Exploits and vulnerabilities

Categories: News

Tags: Microsoft

Tags: Apple

Tags: Google

Tags: Adobe

Tags: Cisco

Tags: SAP

Tags: Mozilla

Tags: CVE-2023-28252

Tags: CVE-2023-28231

Tags: CVE-2023-21554

Tags: Word

Tags: Publisher

Tags: Office

One fixed vulnerability is being actively exploited by a ransomware gang and many others were fixed in this month’s Patch Tuesday updates.

(Read more…)

The post Update now! April’s Patch Tuesday includes a fix for one zero-day appeared first on Malwarebytes Labs.

Read more