MUST READ. ShinyHunters is selling data of 30 million Santander customers.
Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw.
Microsoft fixed two zero-day bugs exploited in malware attacks.
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks.
BianLian group exploits JetBrains TeamCity bugs in ransomware attacks.
Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws.
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks.
Multiple malware used in attacks exploiting Ivanti VPN flaws.
Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw.
Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts.
Russia-linked APT29 group exploited WinRAR 0day in attacks against embassies.
Critical Confluence flaw exploited in ransomware attacks.
CISA adds two F5 BIG-IP flaws to its Known Exploited Vulnerabilities catalog.
Threat actors actively exploit F5 BIG-IP flaws CVE-2023-46747 and CVE-2023-46748.
Experts released PoC exploit code for Cisco IOS XE flaw CVE-2023-20198.
iLeakage attack exploits Safari to steal data from Apple devices.
Winter Vivern APT exploited zero-day in Roundcube webmail software in recent attacks.
Apple fixed the 17th zero-day flaw exploited in attacks.
Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks.
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks.
This Cyber News was published on securityaffairs.com. Publication date: Fri, 31 May 2024 22:43:05 +0000