Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days.
Microsoft fixed two zero-day bugs exploited in malware attacks.
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks.
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks.
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws.
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204.
Terrapin attack allows to downgrade SSH protocol security.
Threat actors started exploiting critical ownCloud flaw CVE-2023-49103.
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies.
Critical Confluence flaw exploited in ransomware attacks.
iLeakage attack exploits Safari to steal data from Apple devices.
Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks.
Multiple APT groups exploited WinRAR flaw CVE-2023-38831.
Apple fixed the 17th zero-day flaw exploited in attacks.
Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks.
Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws.
Trend Micro addresses actively exploited zero-day in Apex One and other security Products.
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks.
This Cyber News was published on securityaffairs.com. Publication date: Sun, 30 Jun 2024 10:13:05 +0000