A proof-of-concept (PoC) exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway appliances. CVE-2023-4966 is a critical-severity remotely exploitable information disclosure flaw Citrix fixed on October 10 without providing many details. On October 17, Mandiant revealed that the flaw was abused as a zero-day in limited attacks since late August 2023.
The University of Michigan on Monday confirmed that personal information was accessed in a data breach discovered in August 2023. Initially disclosed at the end of August, the incident involved unauthorized access to the academic institution's campus computer network and resulted in system disruption and internet outages. The attackers, the university says, were able to access the personal information of students, applicants, alumni, donors, employees, and others.
Spanish police have arrested 34 suspected members of a criminal gang that are alleged to have run a variety of scams to steal data from over four million people. Law enforcement agents across the country took part in 16 searches that not only seized electronic equipment and computer databases, four expensive vehicles, and $80,000 Euros but also confiscated a baseball bat, a katana, and two firearms.
Operating since last May, an emerging ransomware strain called Rhysida was deployed along with new stealer malware called Lumar for a potent new one-two punch against Brazil's popular PIX payment system users. Researchers from Kaspersky reported Rhysida is functioning as a ransomware-as-a-service (RaaS) operation with a demonstrated ability to quickly evolve. The ransomware campaign targeting PIX has been ongoing since December 2022, the Kaspersky team noted.
Rockwell Automation has warned customers about the impact of an actively exploited Cisco IOS XE zero-day vulnerability on its Stratix industrial switches. Unidentified hackers have been exploiting two Cisco IOS XE zero-day vulnerabilities tracked as CVE-2023-20198 and CVE-2023-20273 to create high-privileged accounts on affected devices and deploy a Lua-based implant that gives them complete control of the system.
VMware has disclosed a critical vulnerability in its vCenter Server - and that it issued an update to fix it weeks ago, along with patches for unsupported versions of the software. The soon-to-be-acquired-by-Broadcom virtualization giant on Wednesday delivered news that its implementation of the Distributed Computing Environment/Remote Procedure Calls (DCERPC) protocol contains an out-of-bounds write vulnerability.