Patch Diffing Progress MOVEIt Transfer RCE (CVE-2023-34362) – Assetnote
30
Jun
2023

Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – Assetnote

Summary URL query parameters are not adequately sanitised before they are placed into an HTTP Location header. An attacker can…

Share: X : Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – AssetnoteFacebook : Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – AssetnoteLinkedin : Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – AssetnoteReddit : Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – AssetnoteTelegram : Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – AssetnoteWhatsApp : Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – AssetnoteEmail : Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – Assetnote
Why Should You Take IT Security Seriously?
30
Jun
2023

Crack the Code: How to Secure Your Dream Cybersecurity Career

With cyber threats constantly dominating headlines, the draw of a career in cybersecurity has never been higher for young professionals. …

Share: X : Crack the Code: How to Secure Your Dream Cybersecurity CareerFacebook : Crack the Code: How to Secure Your Dream Cybersecurity CareerLinkedin : Crack the Code: How to Secure Your Dream Cybersecurity CareerReddit : Crack the Code: How to Secure Your Dream Cybersecurity CareerTelegram : Crack the Code: How to Secure Your Dream Cybersecurity CareerWhatsApp : Crack the Code: How to Secure Your Dream Cybersecurity CareerEmail : Crack the Code: How to Secure Your Dream Cybersecurity Career
GuLoader Attacking Law Firms Using Weaponized PDF File
30
Jun
2023

GuLoader Attacking Law Firms Using Weaponized PDF File

The cybersecurity researchers at Morphisec Labs have been tracking the GuLoader campaign since April of this year and found that…

Share: X : GuLoader Attacking Law Firms Using Weaponized PDF FileFacebook : GuLoader Attacking Law Firms Using Weaponized PDF FileLinkedin : GuLoader Attacking Law Firms Using Weaponized PDF FileReddit : GuLoader Attacking Law Firms Using Weaponized PDF FileTelegram : GuLoader Attacking Law Firms Using Weaponized PDF FileWhatsApp : GuLoader Attacking Law Firms Using Weaponized PDF FileEmail : GuLoader Attacking Law Firms Using Weaponized PDF File
New Proxyjacking Campaign Attacking Vulnerable SSH Servers
30
Jun
2023

Proxyjacking campaign attack SSH servers

It has been observed that a new Proxyjacking campaign attack SSH servers and subsequently builds Docker services that share the victim’s…

Share: X : Proxyjacking campaign attack SSH serversFacebook : Proxyjacking campaign attack SSH serversLinkedin : Proxyjacking campaign attack SSH serversReddit : Proxyjacking campaign attack SSH serversTelegram : Proxyjacking campaign attack SSH serversWhatsApp : Proxyjacking campaign attack SSH serversEmail : Proxyjacking campaign attack SSH servers
Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks
30
Jun
2023

Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks

Jun 30, 2023The Hacker NewsCyber Espionage/ Malware Charming Kitten, the nation-state actor affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC),…

Share: X : Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage AttacksFacebook : Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage AttacksLinkedin : Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage AttacksReddit : Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage AttacksTelegram : Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage AttacksWhatsApp : Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage AttacksEmail : Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks
Patch Diffing Progress MOVEIt Transfer RCE (CVE-2023-34362) – Assetnote
30
Jun
2023

Reversing Citrix Gateway for XSS – Assetnote

One of the targets we looked at late last year was Citrix Gateway. Citrix Gateway is another of these “all-in-one”…

Share: X : Reversing Citrix Gateway for XSS – AssetnoteFacebook : Reversing Citrix Gateway for XSS – AssetnoteLinkedin : Reversing Citrix Gateway for XSS – AssetnoteReddit : Reversing Citrix Gateway for XSS – AssetnoteTelegram : Reversing Citrix Gateway for XSS – AssetnoteWhatsApp : Reversing Citrix Gateway for XSS – AssetnoteEmail : Reversing Citrix Gateway for XSS – Assetnote
Cybersecurity news roundup
30
Jun
2023

In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under…

Share: X : In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security ToolsFacebook : In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security ToolsLinkedin : In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security ToolsReddit : In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security ToolsTelegram : In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security ToolsWhatsApp : In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security ToolsEmail : In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools
LockBit
30
Jun
2023

TSMC denies LockBit hack as ransomware gang demands $70 million

Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to…

Share: X : TSMC denies LockBit hack as ransomware gang demands $70 millionFacebook : TSMC denies LockBit hack as ransomware gang demands $70 millionLinkedin : TSMC denies LockBit hack as ransomware gang demands $70 millionReddit : TSMC denies LockBit hack as ransomware gang demands $70 millionTelegram : TSMC denies LockBit hack as ransomware gang demands $70 millionWhatsApp : TSMC denies LockBit hack as ransomware gang demands $70 millionEmail : TSMC denies LockBit hack as ransomware gang demands $70 million
Patch Tuesday: Critical Flaws in Adobe Commerce Software
30
Jun
2023

200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ Plugin

More than 200,000 WordPress websites are exposed to ongoing attacks targeting a critical vulnerability in the Ultimate Member plugin. Designed…

Share: X : 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ PluginFacebook : 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ PluginLinkedin : 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ PluginReddit : 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ PluginTelegram : 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ PluginWhatsApp : 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ PluginEmail : 200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ Plugin
Russian Defense satellite communications provider Hacked
30
Jun
2023

Russian Defense satellite communications provider Hacked

According to a report from the Telegram channel, Dozor, a Russian telecommunications company that offers services to power grids, oil…

Share: X : Russian Defense satellite communications provider HackedFacebook : Russian Defense satellite communications provider HackedLinkedin : Russian Defense satellite communications provider HackedReddit : Russian Defense satellite communications provider HackedTelegram : Russian Defense satellite communications provider HackedWhatsApp : Russian Defense satellite communications provider HackedEmail : Russian Defense satellite communications provider Hacked
SGN pens IT service desk outsourcing deal
30
Jun
2023

SGN pens IT service desk outsourcing deal

SGN has swapped an IT managed service from Fujitsu with a five-year agreement with CGI as part of its plans…

Share: X : SGN pens IT service desk outsourcing dealFacebook : SGN pens IT service desk outsourcing dealLinkedin : SGN pens IT service desk outsourcing dealReddit : SGN pens IT service desk outsourcing dealTelegram : SGN pens IT service desk outsourcing dealWhatsApp : SGN pens IT service desk outsourcing dealEmail : SGN pens IT service desk outsourcing deal
Samsung vulnerabilities exploited
30
Jun
2023

Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware Vendor

The US Cybersecurity and Infrastructure Security Agency (CISA) has added half a dozen flaws affecting Samsung smartphones to its Known…

Share: X : Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware VendorFacebook : Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware VendorLinkedin : Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware VendorReddit : Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware VendorTelegram : Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware VendorWhatsApp : Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware VendorEmail : Samsung Phone Flaws Added to CISA ‘Must Patch’ List Likely Exploited by Spyware Vendor