Patch now! Roundcube mail servers are being actively exploited
A vulnerability in Roundcube webmail is being actively exploited and CISA is urging users to install an updated version.
A vulnerability in Roundcube webmail is being actively exploited and CISA is urging users to install an updated version.
CISA has ordered all FCEB agencies to disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure solution products.
CISA has added two Citrix NetScaler vulnerabilities to its vulnerability catalog, with a very short deadline to patch.
A remote code execution vulnerability in Apache ActiveMQ is being used by the HelloKItty ransomware group.
Categories: Exploits and vulnerabilities Categories: News Tags: CISA Tags: KEV Tags: catalog Tags: vulnerabilities Tags: prioritize The CISA Known Exploited Vulnerabilities catalog has grown to cover more than 1,000 vulnerabilities since its launch in November 2021. |
The post CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it? appeared first on Malwarebytes Labs.
Categories: Exploits and vulnerabilities Categories: News Tags: Blastpass Tags: citizenlab Tags: pegasus Tags: nso Tags: cisa Tags: apple Tags: cve-2023-41064 Tags: cve-2023-41061 Tags: buffer overflow CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities. |
The post Two Apple issues added by CISA to its catalog of known exploited vulnerabilities appeared first on Malwarebytes Labs.
Categories: Exploits and vulnerabilities Categories: News Tags: Zimbra Tags: ZCS Tags: CVE-2023-38750 Tags: CISA Tags: CVE-2023-0464 Tags: TAG Tags: XSS Tags: JSP Tags: XML Tags: Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. |
The post Zimbra issues awaited patch for actively exploited vulnerability appeared first on Malwarebytes Labs.
Categories: News Tags: CISA Tags: BOD 23-02 Tags: Internet exposed Tags: management interfaces Tags: vulnerabilities Tags: CVE-2023-27992 Tags: CVE-2023-20887 There is a lot to be said for the strategy of shielding management interfaces from public internet access |
The post Reducing your attack surface is more effective than playing patch-a-mole appeared first on Malwarebytes Labs.
Categories: News Categories: Ransomware Tags: CISA Tags: LockBit Tags: stats Tags: RaaS A joint advisory published by CISA, the FBI and many others shows some interesting stats that align with data found by Malwarebytes. |
The post LockBit ransomware advisory from CISA provides interesting insights appeared first on Malwarebytes Labs.
Categories: News Tags: Cisco Tags: Zyxel Tags: ChatGPT Tags: Malvertising Tags: Apple Tags: Google Tags: insider threat Tags: Pentagon explosion Tags: CISA Tags: ransomware guide Tags: Rheinmetall Tags: BlackBasta Tags: WordPress A list of topics we covered in the week of May 22- 28 of 2023 |
The post A week in security (May 22-28) appeared first on Malwarebytes Labs.