HackDig : Dig high-quality web security articles

CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog

US CISA added the flaw CVE-2023-41179 in Trend Micro Apex and other security products to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the high-severity flaw CVE-2023-41179 (CVSS score 7.2) affecting Trend Micro Apex One and Worry-Free Business Security to its Known Exploited Vulnerabilities
Publish At:2023-09-22 15:29 | Read:55332 | Comments:0 | Tags:Breaking News Hacking Security CISA hacking news information

Two Apple issues added by CISA to its catalog of known exploited vulnerabilities

The Cybersecurity & Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by October 2, 2023 in order to protect their devices against active thr
Publish At:2023-09-12 22:07 | Read:123841 | Comments:0 | Tags:Exploits and vulnerabilities News Blastpass citizenlab pegas

CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog

U.S. CISA adds vulnerabilities in Apple devices exploited to install NSO Group’s Pegasus spyware on iPhones to Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog. T
Publish At:2023-09-11 15:29 | Read:93783 | Comments:0 | Tags:Breaking News Security Apple Hacking hacking news informatio

US CISA added critical Apache RocketMQ flaw to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-33246 in Apache RocketMQ to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-33246 (CVSS score 9.8) affecting Apache RocketMQ to its Known Exploited Vulnerabilities Catalog. Several components of Apache RocketMQ, includin
Publish At:2023-09-09 14:15 | Read:149408 | Comments:0 | Tags:Breaking News Hacking Security hacking news information secu

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

U.S. CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The US agency has
Publish At:2023-09-08 08:09 | Read:102769 | Comments:0 | Tags:Breaking News Hacking Fortinet FortiOS SSL-VPN hacking news

MITRE and CISA release Caldera for OT attack emulation

MITRE and CISA released a Caldera extension for OT that allows the emulation of attacks on operational technology systems. MITRE Caldera is an open-source adversary emulation platform that helps cybersecurity practitioners to automate security assessments. The tool is built on the MITRE ATT&CK framework, which is a widely-recognized framework for und
Publish At:2023-09-06 07:33 | Read:120534 | Comments:0 | Tags:Breaking News Hacking ICS-SCADA Security CISA hacking news i

Russia-linked hackers target Ukrainian military with Infamous Chisel Android malware

Russia-linked threat actors have been targeting Android devices of the Ukrainian military with a new malware dubbed Infamous Chisel. GCHQ’s National Cyber Security Centre and international partners reported that Russia-linked threat actors are using a new malware to target the Ukrainian military Government experts attribute the attack to the Russian m
Publish At:2023-08-31 20:14 | Read:310701 | Comments:0 | Tags:Breaking News Cyber warfare Hacking Intelligence Malware And

CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-26359 (CVSS score 9.8) affecting Adobe ColdFusion to its Known Exploited Vulnerabilities Catalog. Adobe fixed the critical flaw in March 2023,
Publish At:2023-08-22 07:32 | Read:232995 | Comments:0 | Tags:Breaking News Security Adobe Adobe ColdFusion Hacking hackin

CISA adds flaw in Citrix ShareFile to its Known Exploited Vulnerabilities catalog

US CISA added critical vulnerability CVE-2023-24489 in Citrix ShareFile to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added critical flaw CVE-2023-24489 (CVSS score 9.8) affecting Citrix ShareFile to its Known Exploited Vulnerabilities Catalog. Citrix ShareFile is a secure fil
Publish At:2023-08-16 19:27 | Read:200301 | Comments:0 | Tags:Breaking News Hacking CISA Citrix ShareFile Cybercrime hacki

CISA discovered a new backdoor, named Whirlpool, used in Barracuda ESG attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) observed a new backdoor, named Whirlpool, in attacks on Barracuda ESG appliances. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor, named Whirlpool, that was employed in attacks targeting Barracuda ESG devices. At the end of May, the netw
Publish At:2023-08-10 15:28 | Read:387226 | Comments:0 | Tags:Breaking News Hacking Malware Barracuda ESG CISA hacking new

CISA adds actively exploited flaw in .NET, Visual Studio to its Known Exploited Vulnerabilities catalog

US CISA added zero-day vulnerability CVE-2023-38180 affecting .NET and Visual Studio to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added an actively exploited zero-day vulnerability CVE-2023-38180 (CVSS score 7.5) affecting .NET and Visual Studio to its Known Exploited Vulnerabilities Catalog.
Publish At:2023-08-10 07:32 | Read:343992 | Comments:0 | Tags:Breaking News Security CISA CVE-2023-38180 Hacking hacking n

CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022

CISA, the FBI, and NSA, along with Five Eyes cybersecurity agencies published a list of the 12 most exploited vulnerabilities of 2022. CISA, the NSA, and the FBI, in collaboration with cybersecurity authorities from Australia, Canada, New Zealand, and the United Kingdom, have published a list of the 12 most exploited vulnerabilities of 2022. The knowl
Publish At:2023-08-04 03:33 | Read:275710 | Comments:0 | Tags:Breaking News Security CISA FBI Hacking hacking news IT Info

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

US CISA added a second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM, formerly MobileIron Core) vulnerability, tracked as CVE-2023-35081, to its 
Publish At:2023-08-02 03:33 | Read:289816 | Comments:0 | Tags:Breaking News Security CISA Hacking hacking news information

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of threat actors deploying the SUBMARINE Backdoor in Barracuda ESG attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an alert on a malware variant, tracked as SUBMARINE Backdoor, that was employed in attacks exploiting the flaw CVE-2023-2868 in Barrac
Publish At:2023-07-29 20:13 | Read:304767 | Comments:0 | Tags:Breaking News Hacking Malware Barracuda ESG CVE-2023-2868 ha

Zimbra issues awaited patch for actively exploited vulnerability

Two weeks ago, we urged readers to apply a workaround for an actively exploited vulnerability in Zimbra Collaboration Suite (ZCS) email servers. Zimbra has released ZCS 10.0.2 that fixes two security issues, including the known bug that could lead to exposure of internal JSP and XML files. Zimbra is an open source webmail application used for messa
Publish At:2023-07-28 22:05 | Read:354803 | Comments:0 | Tags:Exploits and vulnerabilities News Zimbra ZCS CVE-2023-38750

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud