Please turn on your JavaScript for this page to function normally.
Progress MOVEit
MOVEit Transfer zero-day attacks: The latest info

There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – …

Progress MOVEit
Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!

UPDATE (June 2, 2023, 05:55 a.m. ET): Check out our update on this evolving situation. A critical zero-day vulnerability in Progress Software’s enterprise managed file …

Google Drive
Threat actors can exfiltrate data from Google Drive without leaving a trace

Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga …

Zyxel
Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)

A recently fixed command injection vulnerability (CVE-2023-28771) affecting a variety Zyxel firewalls may soon be exploited in the wild, Rapid7 researchers have warned, after …

email
Fraudsters send fake invoice, follow up with fake exec confirmation

Fraudsters are trying out a new approach to convince companies to pay bogus invoices: instead of hijacking existing email threads, they are creating convincing ones …

PaperCut
PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates

Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro …

vmware
VMware fixes critical flaws in virtualization software (CVE-2023-20869, CVE-2023-20870)

VMware has fixed one critical (CVE-2023-20869) and three important flaws (CVE-2023-20870, CVE-2023-20871, CVE-2023-20872) in its VMware Workstation and Fusion virtual user …

Google Chrome security
Google adds new risk assessment tool for Chrome extensions

Google has made available a new tool for Google Workspace admins and security teams to make an assessment of the risk different Chrome extensions may present to their users: …

vmware
VMware plugs security holes in VMware Aria Operations for Logs (CVE-2023-20864, CVE-2023-20865)

VMware has fixed two vulnerabilities (CVE-2023-20864, CVE-2023-20865) in VMware Aria Operations for Logs (formerly vRealize Log Insight), a widely used cloud solution for log …

LinkedIn
LinkedIn now allows you to verify your workplace

To combat the surge of fake LinkedIn accounts in recent years, Microsoft has introduced Entra Verified ID, a new feature that allows users to verify their workplace on the …

shark
Cyber threats organizations should keep an eye on in 2023

In Malwarebytes’ most recent report on the current state of malware, the company has identified several high-profile cyber threats that organizations should be on the …

snake, threat
Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)

When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been …

Don't miss

Cybersecurity news