#zero_day

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity check might allow an unauthenticated remote attacker to manipulate the content of notifications received via HTTP by the CODESYS notification server.

Categories: Threat Intelligence Ransomware gangs are also starting to focus on exploiting zero-days for initial access. (Read more...) The post Global ransomware attacks at an all-time high, shows latest 2023 State of Ransomware report appeared first on Malwarebytes Labs.

Categories: Exploits and vulnerabilities Categories: News Tags: Ivanti Tags: EPMM Tags: MobileIron Tags: CVE-2023-35081 Tags: CVE-2023-35078 Tags: tomcat Tags: arbitrary file write Tags: ACL Tags: upgrade Ivanti has issued a patch to address a second critical zero-day vulnerability (Read more...) The post Ivanti patches second zero-day vulnerability being used in attacks appeared first on Malwarebytes Labs.

OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create a HTTP Response Splitting attack.

A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure. "Those phishing campaigns cleverly evade conventional detection methods by chaining the Salesforce vulnerability and legacy quirks in Facebook's Web Games platform,"

By Deeba Ahmed Cloudzy is registered in the United States, and its CEO is an Iranian national. This is a post from HackRead.com Read the original post: Cloud Service Provider Cloudzy Accused of Aiding Ransomware and APTs

Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian

Plus: Mozilla fixes two high-severity bugs in Firefox, Citrix fixes a flaw that was used to attack a US-based critical infrastructure organization, and Oracle patches over 500 vulnerabilities.

Categories: Exploits and vulnerabilities Categories: News Tags: Barracuda Tags: ESG Tags: CVE-2023-2868 Tags: SUBMARINE Tags: SEASPY Tags: shell CISA has released three reports based on the analysis of backdoors planted on compromised Barracuda ESG appliances (Read more...) The post Compromised Barracuda appliances equipped with persistent backdoors by attackers appeared first on Malwarebytes Labs.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed by threat actors in connection with the hack on Barracuda Email Security Gateway (ESG) appliances. "SUBMARINE comprises multiple artifacts — including a SQL trigger, shell scripts, and a loaded library for a Linux daemon — that together enable