Act now! In-the-wild Zimbra vulnerability needs a workaround
Security experts are warning Zimbra users that a vulnerability for which there is no patch is being actively exploited in the wild. In a security update about the vulnerability, the…
Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation. Source: https://www.bleepingcomputer.com/news/security/hackers-exploiting-critical-wordpress-woocommerce-payments-bug/
Active Exploitation of Multiple Adobe ColdFusion Vulnerabilities
Rapid7 managed services teams have observed exploitation of Adobe ColdFusion in multiple customer environments. The attacks our team has responded to thus far appear to be chaining CVE-2023-29298 , a…
A technical analysis of the Quasar-forked RAT called VoidRAT
https://resources.securityscorecard.com/research/technical-analysis-of-the-quasar-forked-rat-called-void-rat Source: A technical analysis of the Quasar-forked RAT called VoidRAT / SecurityScoreCard
Black Basta Overview
Black Basta is a Russian-speaking group that was first spotted in early 2022. It is known for its double extortion attack, where it not only executes ransomware but also exfiltrates…
ISC China Report Summary
Original Document: https://isc.independent.gov.uk/wp-content/uploads/2023/07/ISC-China.pdf The “China” report by the Intelligence and Security Committee of Parliament provides an in-depth analysis of the perceived threats and challenges posed by China to the UK.…