SANS ISC
Phishers tricking users via fake LinkedIn Private Shared Document
Phishers are trying to trick users into opening a “LinkedIn Private Shared Document” and entering their login credentials into a fake LinkedIn login page, security …
Easily exploitable RCE in Oracle WebLogic Server under attack (CVE-2020-14882)
A critical and easily exploitable remote code execution vulnerability (CVE-2020-14882) in Oracle WebLogic Server is being targeted by attackers, SANS ISC has warned. Oracle …
Attackers are probing Citrix controllers and gateways through recently patched flaws
Earlier this week, Citrix released security updates for Citrix Application Delivery Controller (ADC), Citrix Gateway, and the Citrix SD-WAN WANOP appliance, and urged admins …
Attackers are bypassing F5 BIG-IP RCE mitigation – you might want to patch after all
Attackers are bypassing a mitigation for the BIG-IP TMUI RCE vulnerability (CVE-2020-5902) originally provided by F5 Networks, NCC Group’s Research and Intelligence …
Better cybersecurity hinges on understanding actual risks and addressing the right problems
SANS Technology Institute’s Internet Storm Center (ISC) has been a valuable warning service and source of critical cyber threat information to internet users, …
Kwampirs threat actor continues to breach transnational healthcare orgs
The Kwampirs (aka Orangeworm) attack group continues to target global healthcare entities in this time of crisis, the FBI has warned. “Targeted entities range from major …
First patches for the Citrix ADC, Gateway RCE flaw released
As attackers continue to hit vulnerable Citrix (formerly Netscaler) ADC and Gateway installations, Citrix has released permanent fixes for some versions and has promised to …
January 2020 Patch Tuesday: Microsoft nukes Windows crypto flaw flagged by the NSA
As forecasted, January 2020 Patch Tuesday releases by Microsoft and Adobe are pretty light: the “star of the show” is CVE-2020-0601, a Windows flaw flagged by the …
Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing
With several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a …
Critical Exim flaw exploitable locally and remotely, patch ASAP!
A critical vulnerability in Exim, the mail transfer agent (MTA) deployed on over half of all Internet-facing mail servers, may allow attackers to run commands as the …
Adobe plugs critical RCE Flash Player flaw, update ASAP! Exploitation may be imminent
Adobe has released a Flash Player update that plugs a critical vulnerability (CVE-2018-15981) that could lead to remote code execution, and is urging users to implement it as …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …