Avatar
Herjan Security 2y ago

1. Boeing cyberattack raises concerns about supply chain security. #Boeing #Cybersecurity #SupplyChain

2. Scarred Manticore conducting cyberespionage campaigns in the Middle East. #IIS #Cyberespionage #ThreatActor

3. Knight ransomware targeting Windows computers to steal sensitive data. #KnightRansomware #Windows #DataBreach

4. EleKtra-Leak campaign targeting AWS IAM credentials for cryptojacking. #EleKtraLeak #AWS #Cryptojacking

5. CitrixBleed flaw being widely exploited by threat actors. #CitrixBleed #Vulnerability #Exploit

6. F5 Networks warns of authenticated SQL injection flaw in BIG-IP Configuration utility. #F5Networks #BIGIP #SQLInjection

7. Critical vulnerability discovered in Atlassian Confluence software. #Atlassian #Confluence #Vulnerability

8. OAuth vulnerability discovered in Grammarly, Vidio, and Bukalapak. #OAuth #Vulnerability #Authentication

9. Over 3,000 Apache ActiveMQ servers at risk due to critical RCE vulnerability. #ApacheActiveMQ #Vulnerability #RCE

10. Remote Desktop Manager and Devolutions Server affected by access control and RCE vulnerabilities. #RemoteDesktopManager #DevolutionsServer #Vulnerability

11. Microsoft Edge vulnerabilities discovered, including remote code execution and spoofing. #MicrosoftEdge #Vulnerability #RemoteCodeExecution

12. Serious security issue in Cisco Meeting Server's Web Bridge feature. #Cisco #MeetingServer #SecurityFlaw

13. Google releases Chrome 119 with 15 security patches. #GoogleChrome #SecurityPatches #Update

14. Forum of Incident Response and Security Teams unveils new CVSS 4.0 for better vulnerability assessment. #CVSS4.0 #VulnerabilityAssessment #SecurityMetrics

15. Open redirect vulnerability in VMware Workspace ONE UEM console allows for SAML response theft. #VMware #WorkspaceONE #Vulnerability

16. Kubernetes privilege escalation flaw allows for administrative privileges on affected pods. #Kubernetes #PrivilegeEscalation #Vulnerability

17. Exploit released for critical Cisco IOS zero-day vulnerability. #CiscoIOS #ZeroDay #Exploit

18. NGINX ingress controllers vulnerable to arbitrary command execution and code injection. #NGINX #IngressControllers #Vulnerability

19. Hackers actively attacking blockchain engineers with new macOS malware. #Hackers #Blockchain #macOSMalware

20. Hackers weaponize HWP docs for national defense and press sector attacks. #HWPDocs #NationalDefense #PressAttacks

21. Cybercriminals abusing Google Ads to deploy Bonanza malware. #GoogleAds #BonanzaMalware #Cybercrime

22. NuGet package manager under attack by threat actors for software supply chain attacks. #NuGet #PackageManager #SupplyChainAttacks

23. XWorm RAT being used for data theft, DDoS attacks, and ransomware deployment. #XWormRAT #DataTheft #DDoS

https://cybersecuritynews.com/threat-and-vulnerability-october-29-to-november-4/

Reply to this note

Please Login to reply.

Discussion

No replies yet.