Atlassian Warns of Critical RCE Vulnerability in Outdated Confluence Instances

/in

Out-of-date Confluence Data Center and Server instances are haunted by a critical vulnerability leading to remote code execution.

The post Atlassian Warns of Critical RCE Vulnerability in Outdated Confluence Instances appeared first on SecurityWeek.

SecurityWeek – ​Read More

Adalanche: Open-Source Active Directory ACL Visualizer, Explorer

/in

The tool offers a visual attack graph representation of Active Directory in the browser, along with the ability to collect data from Windows machines and perform in-depth analysis.

Cyware News – Latest Cyber News – ​Read More

US Agencies Warn of Androxgh0st Malware Botnet Stealing AWS, Microsoft credentials

/in

Organizations are advised to implement mitigations such as keeping systems updated, securing cloud credentials, and scanning for unrecognized PHP files to reduce the risk of Androxgh0st infections.

Cyware News – Latest Cyber News – ​Read More

How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s Anonymity

/in

Once, drug dealers and money launderers saw cryptocurrency as perfectly untraceable. Then a grad student named Sarah Meiklejohn proved them all wrong—and set the stage for a decade-long crackdown.

Security Latest – ​Read More

Oracle Patches 200 Vulnerabilities With January 2024 CPU

/in

Oracle releases 389 new security patches to address 200 vulnerabilities as part of the first Critical Patch Update of 2024.

The post Oracle Patches 200 Vulnerabilities With January 2024 CPU appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cyber Tops Business Risk for Enterprises Worldwide, Report Finds

/in

The rising sophistication of cybercriminals and state-linked actors is outpacing private industry’s defense capabilities, leading to concerns about severe disruptions to major businesses and critical infrastructure providers.

Cyware News – Latest Cyber News – ​Read More

Atlassian Fixed Critical RCE Flaw in Older Confluence Versions

/in

This template injection vulnerability allows remote attackers to execute arbitrary code on affected Confluence installs. Versions 8.0.x through 8.5.3 are impacted, but the latest supported versions are not affected.

Cyware News – Latest Cyber News – ​Read More

Remcos RAT Spreading Through Adult Games in New Attack Wave

/in

Remcos RAT is being distributed in South Korea disguised as adult-themed games via webhards, highlighting the deceptive tactics used by threat actors to propagate malware.

Cyware News – Latest Cyber News – ​Read More

GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

/in

GitHub has revealed that it has rotated some keys in response to a security vulnerability that could be potentially exploited to gain access to credentials within a production container.
The Microsoft-owned subsidiary said it was made aware of the problem on December 26, 2023, and that it addressed the issue the same day, in addition to rotating all potentially exposed credentials out of an

The Hacker News – ​Read More

Windows SmartScreen Bug Abused to Deploy Phemedrone Stealer

/in
Despite being patched in November 2023, the CVE-2023-36025 Windows SmartScreen bypass vulnerability is still being exploited by malware distributors. The latest threat delivered through this vulnerability is a variant of the Phemedrone Stealer. To mitigate such threats, it’s crucial for users and organizations to regularly update their software and educate themselves about safe online practices.

Cyware News – Latest Cyber News – ​Read More