BeyondTrust reveals appliance vulnerability – Security
A remote access management vulnerability has emerged in BeyondTrust appliances. The security advisory is available to customers only, but security researcher Brian Krebs has obtained…
Month: August 2023
Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacksSecurity Affairs
Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers from the non-profit organization Shadowserver…
AWS calls for an emerging technology national advisory group – Strategy – Software
Amazon Web Services has called for a national advisory group to assess practices and continually review generative AI use within the Australian education system. In…
Microsoft Catches Russian Government Hackers Phishing with Teams Chat App
Software giant Microsoft on Wednesday sounded an alarm after catching a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for…
Ivanti discloses new critical auth bypass bug in MobileIron Core
IT software company Ivanti disclosed today a new critical security vulnerability in its MobileIron Core mobile device management software. Tracked as CVE-2023-35082, the flaw is…
Meta releases AI tool to create music from text – Software
Meta Platforms has introduced its open-source AI tool called AudioCraft that will help users to create music and audio based on text prompts. The AI…
Russian hackers target govt orgs in Microsoft Teams phishing attacks
Microsoft says a hacking group tracked as APT29 and linked to Russia’s Foreign Intelligence Service (SVR) targeted dozens of organizations worldwide, including government agencies, in…
Zero-day in Salesforce email services exploited in targeted Facebook phishing campaignSecurity Affairs
Experts spotted a spear-phishing Facebook campaign exploiting a zero-day vulnerability in Salesforce email services. Researchers from Guardio Labs uncovered a sophisticated phishing campaign exploiting a…
Over 640 Citrix servers backdoored with web shells in ongoing attacks
Hundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting a critical remote code execution…
Shield and Visibility Solutions Target Phishing From Inside the Browser
Menlo Security has introduced two anti-phishing solutions that tackle the problem from within the browser; that is, by analyzing what the user sees on a…
New Collide+Power side-channel attack impacts almost all CPUs
A new software-based power side-channel attack called ‘Collide+Power’ was discovered, impacting almost all CPUs and potentially allowing data to leak. However, the researchers warn that…
NodeStealer 2.0 Poses as ‘Microsoft’ to Hack Facebook and Browser Data
IN SUMMARY Palo Alto Networks’ Unit 42 identified and reported NodeStealer 2.0. The Python-based malware steals crypto, Facebook and browser data. It spreads through phishing,…