US-based IT software company Ivanti has patched an actively exploited zero-day vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management…
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install…
American cloud computing services provider Rackspace says an ongoing outage affecting its hosted Microsoft Exchange environments and likely thousands of customers was…
Microsoft has released security updates to address two high-severity Microsoft Exchange zero-day vulnerabilities collectively known as ProxyNotShell and exploited in…
Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. [...]
World’s largest commercial bank ICBC confirms ransomware attack
The Industrial & Commercial Bank of China (ICBC) is restoring systems and services following a ransomware attack that disrupted the…
Ivanti patches MobileIron zero-day bug exploited in attacks
US-based IT software company Ivanti has patched an actively exploited zero-day vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management…
Hackers exploit critical Zyxel firewall flaw in ongoing attacks
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install…
Hotels at Risk From Bug in Oracle Property Management Software
Oracle's characterization of the vulnerability in its Opera software as complex and hard to exploit is incorrect, researchers who found…
Rackspace Incident Highlights How Disruptive Attacks on Cloud Providers Can Be
A ransomware attack on the company's Hosted Exchange environment disrupted email for thousands of mostly small and midsize businesses.
Rackspace: Ongoing Exchange outage caused by security incident
American cloud computing services provider Rackspace says an ongoing outage affecting its hosted Microsoft Exchange environments and likely thousands of customers was…
Microsoft fixes ProxyNotShell Exchange zero-days exploited in attacks
Microsoft has released security updates to address two high-severity Microsoft Exchange zero-day vulnerabilities collectively known as ProxyNotShell and exploited in…
Windows Mark of the Web Zero-Days Remain Patchless, Under Exploit
A pair of Microsoft bugs allow cyberattackers to bypass native Windows Internet download security, says former CERT CC researcher who…
Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text
There's nothing yet to suggest CVE-2022-42889 is the next Log4j. But proof-of-concept code is available, and interest appears to be…
Fake Microsoft Exchange ProxyNotShell exploits for sale on GitHub
Scammers are impersonating security researchers to sell fake proof-of-concept ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. [...]