Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks
Researchers at Microsoft say a known nation-state threat actor is behind the zero-day exploits hitting Atlassian’s Confluence Data Center and Server products. A note from…
Category: SecurityWeek
Beyond the Front Lines: How the Israel-Hamas War Impacts the Cybersecurity Industry
While the mainstream media is covering the tragic and heartbreaking events of the war in Israel in detail, SecurityWeek wanted to look at a specific…
Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business
Microsoft’s security response team on Tuesday pushed out a massive batch of software and OS updates to cover more than 100 vulnerabilities across the Windows…
Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop
Software maker Adobe on Tuesday released fixes for at least 13 security vulnerabilities in multiple product lines, warning that critical flaws in Adobe Commerce and…
New ‘Grayling’ APT Targeting Organizations in Taiwan, US
A previously unknown advanced persistent threat (APT) actor has been targeting Taiwanese organizations across multiple sectors, Broadcom’s Symantec cybersecurity unit reports. As part of a…
Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal
A variant of the Mirai botnet has recently updated its arsenal of tools with 13 exploits targeting vulnerabilities in IoT devices from D-Link, TP-Link, Zyxel,…
‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History
Cloudflare, Google and AWS revealed on Tuesday that a new zero-day vulnerability named ‘HTTP/2 Rapid Reset’ has been exploited by malicious actors to launch the…
SAP Releases 7 New Notes on October 2023 Patch Day
German software maker SAP this week announced the release of seven new and two updated security notes as part of its October 2023 Security Patch…
SecurityWeek to Host 2023 ICS Cybersecurity Conference October 23-26 in Atlanta
SecurityWeek will host its 2023 Industrial Control Systems (ICS) Cybersecurity Conference from October 23–26, 2023 at the InterContinental Atlanta Buckhead. Now in its 22nd year, the conference…
Twistlock Founders Score Whopping $51M Seed Funding for Gutsy
The team of entrepreneurs that created and sold Twistlock to Palo Alto are peeling the wraps of a brand new cybersecurity upstart focused on redefining…
One-Click GNOME Exploit Could Pose Serious Threat to Linux Systems
GitHub’s Security Lab has warned Linux users about a serious remote code execution vulnerability affecting a component of the popular GNOME desktop environment. The flaw…
Magecart Web Skimmer Hides in 404 Error Pages
A recent Magecart web skimming campaign is using three concealment techniques, including by hiding the malicious code in the targeted website’s ‘404’ error page, Akamai’s…