Rapid7 introduces AI-powered cloud anomaly detection
Rapid7 has announced its newest innovation in artificial intelligence (AI)-driven threat detection for the cloud. Now available in early access to select Rapid7 customers, …
Atlassian Confluence data-wiping vulnerability exploited
Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, …
Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)
Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). …
Critical Atlassian Confluence vulnerability exploited by state-backed threat actor
A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft’s threat analysts have …
Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)
Atlassian has fixed a critical zero-day vulnerability (CVE-2023-22515) in Confluence Data Center and Server that is being exploited in the wild. “Atlassian has been made …
Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP …
Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)
Software development firm JetBrains has fixed a critical vulnerability (CVE-2023-42793) in its TeamCity continuous integration and continuous delivery (CI/CD) solution, which …
Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)
A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access …
Cisco VPNs with no MFA enabled hit by ransomware groups
Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. …
Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)
Ivanti has disclosed a critical vulnerability (CVE-2023-35082) affecting old, out-of-support versions of MobileIron Core, an enterprise device solution that has since been …
Rapid7 Executive Risk View allows security teams to prioritize remediation actions
Rapid7 released Executive Risk View, a solution that normalizes risk scoring across cloud and on-premises environments so that security leaders can effectively assess and …
Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203)
Attackers are exploiting two Adobe ColdFusion vulnerabilities (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells to enable persistent access and allow …