Categories: Exploits and vulnerabilities Categories: News Tags: Ivanti Tags: Sentry Tags: MobileIron Tags: CVE-2023-38035 Tags: MICS Tags: port 8443 There is some uncertainty about whether a vulnerability in Ivanti Sentry is being exploited in the wild, but why take the risk when you can patch? |
The post Ivanti Sentry critical vulnerability—don’t play dice, patch appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Adobe Tags: ColdFusion Tags: CVE-2023-26359 Tags: CVE-2023-26360 Tags: critical Tags: known exploited Tags: deserialization A second Adobe ColdFusion vulnerability that was patched in April has been added to CISA’s known exploited vulnerabilities catalog. |
The post Adobe ColdFusion vulnerability exploited in the wild appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: WinRAR Tags: CVE-2023-40477 Tags: RCE Tags: Windows 11 A new version of WinRAR is available that patches two vulnerabilities attackers could use for remote code execution. |
The post Update now! WinRAR files can be abused to run malware appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Citrix Tags: ShareFile Tags: CVE-2023-24489 Tags: RCE Tags: unauthenticated Tags: vulnerability Tags: PoC Citrix ShareFile can be exploited remotely by unauthenticated attackers. |
The post Patch now! Citrix Sharefile joins the list of actively exploited file sharing software appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Exchange Tags: CVE-2023-21709 Tags: August update Tags: re-release Microsoft Exchange Server administrators may have to install a re-released security patch |
The post Exchange Server security updates updated appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Citrix Tags: NetScalers Tags: Germany Tags: CVE-2023-3519 Tags: Fox-IT Tags: DIVD Researchers have found almost 2000 backdoored Citrix NetScalers, many of which were patched after the backdoor in the form of a web shell was dropped. |
The post Citrix NetScalers backdoored in widespread exploitation campaign appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Ford Tags: Lincoln Tags: SYNC 3 Tags: CVE-2023-29468 Tags: TI WLink Tags: MCP driver A vulnerability in the SYNC 3 infotainment will not have a negative effect on driving safety, says Ford. |
The post Ford says it’s safe to drive its cars with a WiFi vulnerability appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Microsoft has announced patches for 87 vulnerabilities this month, including two that are being actively exploited. |
The post August Patch Tuesday stops actively exploited attack chain and more appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Zoho ManageEngine Tags: CVE-2021-40539 Tags: Log4Shell Tags: CVE-2021-44228 Tags: CVE-2021-13379 Tags: ProxyShell Tags: CVE-2021-34473 Tags: CVE-2021-31207 Tags: CVE-2021-34523 Tags: CVE-2021-26084 Tags: Atlassian Tags: CVE-2022-22954 Tags: CVE-2022-22960 Tags: CVE-2022-26134 Tags: CVE-2022-1388 Tags: CVE-2022-30190 Tags: Follina What can the routinely exploited vulnerabilities of 2022 tell us, and what do we think will make it on to next year’s list? |
The post 2022’s most routinely exploited vulnerabilities—history repeats appeared first on Malwarebytes Labs.
Read moreCategories: Exploits and vulnerabilities Categories: News Tags: Ivanti Tags: EPMM Tags: MobileIron Tags: CVE-2023-35081 Tags: CVE-2023-35078 Tags: tomcat Tags: arbitrary file write Tags: ACL Tags: upgrade Ivanti has issued a patch to address a second critical zero-day vulnerability |
The post Ivanti patches second zero-day vulnerability being used in attacks appeared first on Malwarebytes Labs.
Read more