CVE-2023-20269:經提報,Cisco Adaptive Security Appliance 和 Firepower Threat Defense 中的零時差攻擊遭到勒索軟體集團刺探利用
Ransomware groups including LockBit and Akira are reportedly exploiting a zero-day vulnerability in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) appliances with VPN functionality enabled.
AA23-250A: 多個民族國家威脅執行者刺探利用 CVE-2022-47966 和 CVE-2022-42475
A joint Cybersecurity Advisory examines the exploitation of two critical vulnerabilities by nation-state threat actors.
CVE-2023-2868: Barracuda and FBI Recommend Replacing Email Security Gateway (ESG) Devices Immediately
Since October 2022, attackers have been exploiting a zero-day vulnerability in Barracuda Email Security Gateway devices, and both the vendor and the FBI urge customers to replace these devices immediately.
CVE-2023-38035: Ivanti Sentry API Authentication Bypass Zero-Day Exploited in the Wild
For the third time in a month, Ivanti discloses a zero-day vulnerability in one of its products that has been exploited in the wild
Microsoft 的 2023 年 8 月份 Patch Tuesday 解決了 73 個 CVE (CVE-2023-38180)
Microsoft addresses 73 CVEs, including one vulnerability exploited in the wild.
AA23-215A: 2022's Top Routinely Exploited Vulnerabilities
A joint Cybersecurity Advisory collaborated on by multiple international agencies highlights the top routinely exploited vulnerabilities of 2022.
CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core Unauthenticated API Access Vulnerability
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
Oracle 2023 年 7 月重大修補程式更新中解決了 183 個 CVE
Oracle addresses 183 CVEs in its third quarterly update of 2023 with 508 patches, including 76 critical updates.
CVE-2023-3519: Critical RCE in Netscaler ADC (Citrix ADC) and Netscaler Gateway (Citrix Gateway)
Citrix has released a patch fixing a remote code execution vulnerability in several versions of Netscaler ADC and Netscaler Gateway that has been exploited. Organizations are urged to patch immediately.
CVE-2023-3595、CVE-2023-3596: Rockwell Automation ControlLogix 弱點的揭露
Rockwell Automation issues advisory for multiple vulnerabilities, including a critical flaw that could lead to disruption or destruction of critical infrastructure processes.
Finding Rockwell Automation Allen-Bradley Communication Modules Affected by CVE-2023-3595 and CVE-2023-3596 in OT Environments
Identifying vulnerable systems in your industrial environment can be complex. Use the wrong tool and it will overlook affected devices. Find out how Tenable OT Security is designed to give you in-depth asset visibility to address these new vulnerabilities without disrupting productivity.
Microsoft 2023 年 7 月公告的 Patch Tuesday 解決了 130 個 CVE (CVE-2023-36884)
Microsoft addresses 130 CVEs including five that were exploited in the wild as zero-day vulnerabilities and guidance on the malicious use of Microsoft signed drivers.
聯絡我們的銷售團隊