The Hacker News
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
Bleeping Computer
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
SecurityWeek
Chinese hacking contest Matrix Cup is offering rewards for exploits targeting OS, smartphones, enterprise software, and security products.
Cyber Security News
Staying informed is key in the dynamic battle of cybersecurity, so the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
SecurityWeek
European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom support portal.
Security Affairs
Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin's private SSH key.
The Record
The current cybersecurity situation in the healthcare industry is at least a decade in the making, White House official Anne Neuberger said at the RSA Conference.
Bleeping Computer
Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key.
Cyber Security News
Citrix has released a security bulletin detailing a critical vulnerability (CVE-2024-31497) affecting certain versions of their Citrix
CSO
Two high-risk vulnerabilities could be exploited to allow attackers to gain full administrative control on devices via leaked password hashes.
CSO
Organizations that eschew cyber insurance give up not only financial protection but also advice from the insurer on improving the security of their systems.
CSO
Similar to Citrix-Bleed, the information disclosure bug was identified within NetScaler devices configured as gateway or virtual servers.
DarkReading
The flaw was nearly identical to last year's CitrixBleed flaw, but not as severe.
CyberNews
Deutsche Telekom was one of dozens of other companies from around the globe posted on the infamous LockBit ransomware leak list of victims.
CyberSecurity Dive
Change Healthcare was running on legacy technology, which magnified the ransomware attack’s impact and hampered recovery efforts, Andrew Witty said.
DarkReading
The breach used stolen Citrix credentials for an account with no MFA. Attackers went undetected for days, and Change's backup strategy failed.
Infosecurity News
Andrew Witty made the claims in a written testimony submitted before a House subcommittee hearing
SecurityWeek
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee on May 1.
SC Magazine
Andrew Witty stuck with the familiar corporate line of providing consumers with two years of credit monitoring.
Ars Technica
Ransomware attack on the $371 billion company hamstrung US prescription market.
CyberSecurity Dive
AlphV deployed ransomware nine days after it used access to a Citrix portal on Change’s network to move laterally within systems, CEO Andrew Witty said in testimony prepared for a House subcommittee hearing set for Wednesday.
Bleeping Computer
UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled.
CSO
In the written testimony before the House Energy and Commerce Committee, CEO Andrew Witty said after gaining access, the threat actor moved laterally within the systems using sophisticated methods and exfiltrated data.
CyberNews
The massive hack of UnitedHealth Group’s (UHG) tech subsidiary Change Healthcare was the result of an exploit of the Citrix bug, according to UHG CEO Andrew Witty.
SC Magazine
UnitedHealth Group’s CEO Andrew Witty set to testify before Congress tomorrow – security pros say there’s more to the story and it will take several more months of investigation before we know the full kill chain.
The Record
UnitedHealth Group CEO Andrew Witty is preparing to testify in two separate congressional hearings about the ransomware attack on the company's Change Healthcare unit.
Cyber Security News
Welcome to this week's edition of the Cyber Security News Weekly Round-Up. This issue covers the latest vulnerabilities, cyber attacks, and emerging threats that have been making headlines. Stay informed and stay secure!
CyberSecurity Dive
The campaign, dubbed ArcaneDoor, dates back to late 2023 and is targeting perimeter network devices from Cisco — and potentially other companies.
Ars Technica
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?
Cyber Security News
Citrix's uberAgent, a sophisticated monitoring tool used to enhance performance and security across Citrix platforms, has been identified as having a critical vulnerability.
Ars Technica
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.
Trend Micro
Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.
CyberSecurity Dive
The incident response firm identified eight threat groups targeting the remote access VPNs and observed evolved post-exploitation activity.
CyberSecurity Dive
The networking hardware vendor advised owners of the affected devices to retire and replace them. There is no patch available for the vulnerability.
The Hacker News
Multiple China-linked threat actors exploit zero-day flaws in Ivanti appliances (CVE-2023-46805, CVE-2024-21887, CVE-2024-21893).
The Record
Several China-based hacking groups, including Volt Typhoon, are targeting a trio of vulnerabilities affecting IT giant Ivanti alongside multiple cybercriminal operations.
SC Magazine
A PoC exploit is available for the critical flaw, which was added to CISA’s KEV catalog Monday.
HACKRead
From dark web to ransomware gangs, new tools and tactics are aiding cyber criminals in targeting E-commerce and Aviation Industries.
HACKRead
A Russian-Canadian citizen, Mikhail Vasiliev, has been sentenced to nearly four years in prison for his involvement in the LockBit ransomware operation.
CyberNews
Russian-Canadian national was jailed for crimes while involved with the LockBit ransomware cartel.
The Hacker News
Microsoft releases Patch Tuesday updates to patch 61 new vulnerabilities, including privilege escalation flaws in Azure, Windows, & Authenticator.
Bleeping Computer
Citrix and Sophos products have been impacted by leap year flaws, leading to unexpected problems in their products.
Computerworld
Many of the buzziest IT trends — low-code automation, digital employee experience, and yes, even generative AI — are making their way into the major mobility management platforms. Here’s what to look for in 2024 and beyond.
Infosecurity News
Ransomware and destabilization attacks rose in 2023, yet France’s ANSSI is most concerned about a diversification of cyber espionage campaigns
Cyber Security News
The notorious ransomware group LockBit has re-emerged on the dark web, signaling a swift comeback less than a week after a significant
CyberNews
The LockBit ransom gang is back up after global police said they had decimated the group’s infrastructure, and it has claimed the Ernest Health hospital network as its latest victim.
Infosecurity News
Adversaries targeting EU-based victims increasingly leverage EU affairs in spear phishing attacks, CERT-EU found
Infosecurity News
Proofpoint researchers observed a new Bumblebee social engineering campaign in February following a four-month absence
CyberNews
Planet Home Lending has disclosed a cyberattack that exposed the loan records of hundreds of thousands of people.
SC Magazine
In letter to customers, firm said it has no intention of paying a ransom.
HACKRead
Network security vendor Fortinet has released security updates to address remote code execution vulnerabilities in FortiOS.
The Hacker News
Fortinet has unveiled a critical security flaw in its SSL VPN, CVE-2024-21762, allowing hackers to execute arbitrary code.
SC Magazine
The FortiOS bug was patched a day after Volt Typhoon exploitation of past bugs was revealed.
CyberSecurity Dive
Ransomware payments surpassed $1.1 billion and researchers say attack sprees targeting MOVEit, GoAnywhere, Citrix devices and PaperCut helped fuel the surge.
The Record
Hackers allegedly connected to China’s government are conducting attacks with the long-term goal of causing physical destruction, according to a new advisory from several of the world’s leading cyber agencies.
Infosecurity News
The last quarter of 2023 saw an 80% year-on-year increase in ransomware victim claims, according to ReliaQuest
Security Affairs
The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity.
DarkReading
The Russian APT behind the SolarWinds attacks exfiltrated data from HPE email accounts last May.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Bleeping Computer
VMware has confirmed that a critical vCenter Server remote code execution vulnerability patched in October is now under active exploitation.
DarkReading
These vulnerabilities are the second and third for Citrix but are not expected to be as detrimental as "CitrixBleed."
Security Affairs
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chrome and Citrix flaws to Known Exploited Vulnerabilities catalog
DataBreaches
Sergiu Gatlan reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome...
CyberSecurity Dive
The company said the vulnerabilities are unrelated to CitrixBleed, but urged customers to immediately apply fixes to protect their systems.
CyberSecurity Dive
Executives described the file-transfer service as one of its stronger performing products and said customers remain loyal.
The Record
The cyber watchdog says federal agencies must patch one of the Citrix vulnerabilities by January 24 — a rare instance of putting a remediation date of less than three weeks on a vulnerability.
The Record
The guidance is an effort by the federal government to close gaps in protections for the water and sanitation industry, which has experienced a raft of cyberattacks in recent years.
The Record
The action against data aggregator InMarket Media suggests the Federal Trade Commission is more aggressively regulating the packaging and selling of individuals’ most sensitive data.
Bleeping Computer
Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks.
Security Affairs
Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler ADC and Gateway appliances
SecurityWeek
Citrix is aware of attacks exploiting two new NetScaler ADC and Gateway zero-day vulnerabilities tracked as CVE-2023-6548 and CVE-2023-6549.
CSO
A few older versions of NetScaler ADC and NetScaler Gateway have bugs allowing RCE and DoS attacks.
The Hacker News
Citrix Patches Critical RCE Vulnerabilities (CVE-2023-6548, CVE-2023-6549) Exploited in Wild.
Bleeping Computer
Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day vulnerabilities.
Ars Technica
Organizations using Ivanti Connect Secure should take action at once.
Ars Technica
Terrapin isn't likely to be mass-exploited, but there's little reason not to patch.
CyberSecurity Dive
Inc, a relatively new threat group, previously claimed to have stolen company data.
The Record
The printing and business services giant said its XBS division "experienced a security incident." A cybercrime gang called INC said it was responsible.
The Cyber Express
The year 2023 witnessed a surge in high-profile cyberattacks, leaving organizations shattered and the world in chaos. This digital turmoil
Cyber Security News
Top 10 Hacks of 2023. Malware. Phishing. Denial of Service (DoS). Distributed Denial of Service (DDoS). Man-in-the-Middle (MitM).
Cyber Security News
Some of the vulnerabilities were added to the CISA’s Known Exploited Vulnerabilities catalog marking them as extremely important to patch.
Infosecurity News
The number of victims listed on ransomware leak sites is up 110% year-on-year in November, according to Corvus Insurance
CyberSecurity Dive
The agency issued an RFI seeking industry input on costs, how to incorporate security into higher education and how to reduce recurring security vulnerabilities.
SecurityWeek
The recently disclosed Xfinity data breach, which involved exploitation of the CitrixBleed vulnerability, impacts 36 million individuals
HACKRead
Comcast Cable Communications, LLC, operating under the brand name Xfinity, has suffered a massive data breach affecting 36 million users.
Infosecurity News
Comcast Cable business Xfinity has suffered a data breach affecting almost 36 million customers
The Cyber Wire
Comcast warns Xfinity customers affected by a CitrixBleed exploit.
CSO
About 36 million Xfinity customers are affected, with names, contact info, birth dates, parts of Social Security numbers, and the answers to secret security questions stolen.
Security Affairs
Comcast’s Xfinity discloses a data breach after a cyber attack hit the company by exploiting the CitrixBleed vulnerability.
Ars Technica
Data for almost 36 million customers now in the hands of unknown hackers.
DarkReading
A trove of personal data belonging to millions of Americans is just the latest bullet point in a bad year for Citrix customers.
PCMag
In some cases, the hackers only stole usernames and hashed passwords. But in other cases, details including contact information and dates of birth were looted.
DataBreaches
The timeline from their notification to consumers tells the sad story: Notice of Data Security Incident We are notifying you of a recent data security incident...
SecurityWeek
Comcast’s Xfinity says customer data, including credentials, were compromised in an attack exploiting the CitrixBleed vulnerability
CyberSecurity Dive
The breach, involving 35.9 million customers, took place just a week after Citrix released a patch for a critical flaw.
CyberNews
Comcast's Xfinity breach exposed tens of millions of usernames and hashed passwords.
The Cyber Express
Xfinity is reaching out to its customers to inform them about a data security incident that unfolded in October 2023.
Bleeping Computer
Comcast Cable Communications, doing business as Xfinity, disclosed on Monday that attackers who breached one of its Citrix servers in October also stole customer-sensitive information from its systems.
The Record
Cable TV and internet service provider Xfinity says a breach linked to a widespread vulnerability in Citrix technology exposed data of nearly 36 million people in mid-October.