mercredi 16 août 2023 à 12:38
Multiple critical security flaws have been reported in Ivanti Avalanche, an enterprise mobile device management solution that’s used by 30,000 organizations.
The vulnerabilities, collectively tracked as CVE-2023-32560 (CVSS score: 9.8), are stack-based buffer overflows in Ivanti Avalanche WLAvanacheServer.exe v6.4.0.0.
Cybersecurity company Tenable said the shortcomings are the result of buffer
mercredi 16 août 2023 à 06:20
Nearly 2,000 Citrix NetScaler instances have been compromised with a backdoor by weaponizing a recently disclosed critical security vulnerability as part of a large-scale attack.
"An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing web shells on vulnerable NetScalers to gain persistent access," NCC Group said in an advisory released Tuesday.
"The adversary can
mardi 15 août 2023 à 20:14
Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months.
"The majority of the phishing campaigns target Microsoft login credentials, although there are some pages targeting Adobe, Dropbox, and other cloud apps," Netskope security researcher Jan Michael said.
Cloudflare R2, analogous to Amazon Web Service S3, Google Cloud Storage, and
mardi 15 août 2023 à 20:13
Is your organization constantly under threat from credential phishing? Even with comprehensive security awareness training, many employees still fall victim to credential phishing scams.
The result? Cybercriminals gaining immediate and unhindered access to sensitive data, email accounts, and other applications. But what if you could outsmart these criminals and protect your organization?
Join