Please turn on your JavaScript for this page to function normally.
Citrix
Citrix NetScaler bug exploited in the wild since August (CVE-2023-4966)

A recently patched Citrix NetScaler ADC/Gateway information disclosure vulnerability (CVE-2023-4966) has been exploited by attackers in the wild since late August 2023, …

target
DIY attack surface management: Simple, cost-effective and actionable perimeter insights

Modern-day attack surface management (ASM) can be an intimidating task for most organizations, with assets constantly changing due to new deployments, assets being …

atlassian confluence
Critical Atlassian Confluence vulnerability exploited by state-backed threat actor

A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft’s threat analysts have …

money
Exploit writers invited to probe Chrome’s V8 engine, Google Cloud’s KVM

Google is asking bug hunters and exploit writers to develop 0-day and n-day exploits in Chrome’s V8 JavaScript engine and Google Cloud’s Kernel-based Virtual …

vulnerability
High number of security flaws found in EMEA-developed apps

Applications developed by organizations in Europe, Middle East and Africa tend to contain more security flaws than those created by their US counterparts, according to …

Apple
Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)

Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of …

artificial intelligence
3 ways to strike the right balance with generative AI

To find the sweet spot where innovation doesn’t mean sacrificing your security posture, organizations should consider the following three best practices when leveraging AI. …

vulnerabilities
Old vulnerabilities are still a big problem

A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote …

Atlas VPN
Atlas VPN zero-day allows sites to discover users’ IP address

Atlas VPN has confirmed the existence of a zero-day vulnerability that may allow website owners to discover Linux users’ real IP address. Details about this zero-day …

connected car
Connected cars and cybercrime: A primer

Original equipment suppliers (OEMs) and their suppliers who are weighing how to invest their budgets might be inclined to slow pedal investment in addressing cyberthreats. To …

Citrix
Ransomware group exploits Citrix NetScaler systems for initial access

A known threat actor specializing in ransomware attacks is believed to be behind a recent campaign that targeted unpatched internet-facing Citrix NetScaler systems to serve as …

Juniper Networks
PoC for no-auth RCE on Juniper firewalls released

Researchers have released additional details about the recently patched four vulnerabilities affecting Juniper Networks’ SRX firewalls and EX switches that could allow …

Don't miss

Cybersecurity news