AA23-250A: 多個民族國家威脅執行者刺探利用 CVE-2022-47966 和 CVE-2022-42475
A joint Cybersecurity Advisory examines the exploitation of two critical vulnerabilities by nation-state threat actors....
AA23-215A: 2022's Top Routinely Exploited Vulnerabilities
A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022....
CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core Unauthenticated API Access Vulnerability
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
MOVEit Transfer 弱點及 CL0P 勒索軟體集團的常見問答集
Frequently asked questions relating to vulnerabilities in MOVEit Transfer, including one that was exploited by the prolific CL0P ransomware gang....
CVE-2023-20887:網路指令插入的 VMware Aria 作業
VMware issues advisory to address three flaws in its VMware Aria Operations for Networks solution, including a critical command injection flaw assigned a CVSSv3 score of 9.8....
Microsoft 的 2023 年 6 月份 Patch Tuesday 解決了 70 個 CVE (CVE-2023-29357)
Microsoft addresses 70 CVEs in its June 2023 Patch Tuesday update including six rated as critical....
Volt Typhoon:國際網路安全有關當局詳細說明與中國政府贊助的威脅執行者相關的活動
Several international cybersecurity authorities from the United States, United Kingdom, Australia, Canada and New Zealand issue a joint advisory detailing tactics, techniques and procedures used in recent attacks by a Chinese state-sponsored threat actor....
Microsoft 2023 年 5 月的 Patch Tuesday 解決了 38 個 CVE (CVE-2023-29336)
Microsoft addresses 38 CVEs including three zero-day vulnerabilities, two of which were exploited in the wild....
CVE-2023-20864:VMware Aria 作業的記錄檔還原序列化弱點
VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8....
Microsoft 在 2023 年 4 月份的 Patch Tuesday 中解決了 97 個 CVE (CVE-2023-28252)
Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day....
Microsoft 的 2023 年 2 月 Patch Tuesday 解決了 75 個 CVE (CVE-2023-23376)
Microsoft addresses 75 CVEs including three zero-day vulnerabilities that were exploited in the wild....
ProxyNotShell, OWASSRF, TabShell: Patch Your Microsoft Exchange Servers Now
Several flaws in Microsoft Exchange Server disclosed over the last two years continue to be valuable exploits for attackers as part of ransomware and targeted attacks against organizations that have yet to patch their systems. Patching the flaws outlined below is strongly recommended....