Vulnerability

Yet again, threat actors exploit a critical file-transfer service CVE
File-transfer services are prime targets and vulnerabilities in the open source ownCloud mark the latest in a series of critical services under attack.
By Matt Kapko • Updated Dec. 1, 2023

CitrixBleed worries mount as nation state, criminal groups launch exploits
LockBit 3.0 affiliates targeted a unit of Boeing and federal authorities have alerted almost 300 organizations they are vulnerable to attack.
By David Jones • Nov. 22, 2023

5 Juniper CVEs actively exploited in the wild
The vendor warned the Junos OS vulnerabilities can be chained to remotely execute code.
By Matt Kapko • Nov. 15, 2023

File-transfer services, rich with sensitive data, are under attack
This year has seen a trio of supply-chain attacks that created turmoil for thousands of corporate victims and their customers.
By Matt Kapko • Nov. 14, 2023

CitrixBleed sparks race to patch, hunt for malicious activity
CISA urged organizations to patch, mitigate and report any positive findings as Citrix NetScaler ADC and NetScaler Gateway users remain exposed to session hijack.
By David Jones • Nov. 8, 2023

Atlassian Confluence customers confront pair of critical vulnerabilities
Back-to-back vulnerabilities in the enterprise content collaboration and management workspace remain under active attack by threat actors.
By Matt Kapko • Nov. 7, 2023

CISA targets software identification in push to boost supply chain security
The plan is part of a wider effort to boost software security using vulnerability management and SBOMs.
By David Jones • Oct. 27, 2023

Citrix urges NetScaler ADC, Gateway customers to patch
The company warned of session hijacking and targeted attacks against a critical vulnerability.
By David Jones • Oct. 24, 2023

Cisco urges IOS XE customers to patch as thousands of devices remain infected
The company released enhanced guidance after security researchers were temporarily unable to detect exploited devices.
By David Jones • Oct. 24, 2023

Microsoft extends security log retention following State Department hacks
Government and private sector customers will be able to search cloud data records for malicious threat activity by default.
By David Jones • Oct. 23, 2023

Cisco releases security fix for widely exploited IOS XE software vulnerability
An unidentified threat actor is linked to attacks dating back to mid-September, resulting in about 42,000 exploited devices.
By David Jones • Updated Oct. 23, 2023

Critical flaw in JetBrains TeamCity exploited weeks after patch issued
State-linked actors are targeting the CI/CD platform, and the vendor warns backdoors are lingering undetected.
By David Jones • Oct. 20, 2023

Almost 42K Cisco IOS XE devices exploited, no patch available
Security researchers warn the number of infected hosts grew after a critical zero-day vulnerability was found.
By David Jones • Oct. 19, 2023

Citrix NetScaler patch for critical CVE bypassed by malicious hackers
Citrix issued the patch on Oct. 10 for critical vulnerabilities in NetScaler ADC and NetScaler Gateway, but Mandiant is urging users to terminate all sessions.
By David Jones • Updated Oct. 19, 2023

Cisco’s critical IOS XE software zero day is a ‘bad situation’
Researchers from VulnCheck said they have found thousands of implanted hosts.
By David Jones • Oct. 17, 2023

Critical Atlassian Confluence CVE under exploit by prolific state-linked actor
Microsoft researchers warn a threat actor with ties to China has been exploiting the vulnerability since mid-September.
By David Jones • Oct. 13, 2023

Microsoft tops CISA’s list of exploited CVEs used in ransomware attacks
CISA updated its Known Exploited Vulnerabilities Catalog to alert organizations to CVEs linked to ransomware.
By Matt Kapko • Updated Oct. 16, 2023

Federal agencies press OT/ICS providers on open-source security
The U.S. is scrutinizing the security of critical infrastructure providers, which are becoming more dependent on connected infrastructure.
By David Jones • Oct. 12, 2023

Curl CVE has security community on edge as patch drops
The widely used tool has a vulnerability that can be exploited to cause a heap-based buffer overflow issue.
By David Jones • Oct. 11, 2023

CISA urges security upgrades as DDoS continues to target Rapid Reset zero day
Microsoft released guidance on mitigation steps, while F5 warned about denial of service attack risk against Nginx Open Source.
By David Jones • Oct. 11, 2023

Cloud giants sound alarm on record-breaking DDoS attacks
Google, AWS and Cloudflare warned the HTTP/2 Rapid Reset attacks are beyond anything ever recorded.
By David Jones • Oct. 10, 2023

Multiple exploits hit Progress Software’s WS_FTP Server
A Progress spokesperson criticized unnamed third parties for releasing a proof of concept that "provided threat actors a roadmap on how to exploit the vulnerabilities."
By Matt Kapko • Oct. 3, 2023

Progress Software discloses 8 vulnerabilities in one of its other file-transfer services
The company behind the beleaguered MOVEit service has another vulnerable tool — WS_FTP Server. While there are no known exploits, two of the CVEs are critical.
By Matt Kapko • Sept. 29, 2023

CISA urges use of memory safe code in software development
Unsafe programming languages, like C and C++, account for more than 70% of security vulnerabilities.
By David Jones • Sept. 22, 2023

White House, federal cyber leaders pledge renewed support for open source security
CISA released a roadmap for open source software security as industry officials convened to map out additional steps to protect federal agencies and the larger ecosystem.
By David Jones • Sept. 13, 2023