September 2023 – TheCyberThrone

Mozilla fixes CVE-2023-5217 Vulnerability in its Products

Mozilla has released critical security updates for its web browser, Firefox, as well as its email client, Thunderbird, in response to a significant security vulnerability. This vulnerability tracked as CVE-2023-5217…

PravinKarthik September 30, 2023

CISA KEV Update Part III – September 2023

The US CISA has added the critical flaw CVE-2018-14667 with a CVSS score of 9.8 affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is…

PravinKarthik September 30, 2023

Exim Mail Transfer Server Vulnerabilities

Researchers have spotted that thousands of servers running the Exim mail transfer agent are vulnerable to potential attacks that exploit critical vulnerabilities, allowing remote execution of malicious code with little…

PravinKarthik September 30, 2023

Johnson Controls Ransomware Attack

Johnson Controls is battling the notorious Dark Angels hackers who have locked up the company’s data and are demanding an astonishing $51 million for its release In a filing with…

PravinKarthik September 30, 2023

Progress issues Patches for Critical WS_FTP Flaws

Progress Software, has issued a patch for a maximum severity vulnerability in its WS_FTP Server software and advises users to deploy the patch quickly. During this week, Progress have disclosed…

PravinKarthik September 29, 2023

NIST Releases SP 800-82r3 guide for OT

NIST has released the first draft of Special Publication 800-82r3 (Revision 3) in April 2021, with a second draft being released in 2022. The third revision of the OT security…

PravinKarthik September 29, 2023

Cisco Semi-annual Security Advisory Summary

Cisco has released its latest semi-annual Security Advisory Bundled Publication. It detailed eight vulnerabilities affecting its IOS and IOS XE operating systems, among them CVE-2023-20109, an out-of-bounds write issue which…

PravinKarthik September 29, 2023

BlackTech Havoc’s Organizations with Cisco Router Bug

Researchers have spotted a Chinese threat actor quietly manipulating Cisco routers to breach multinational organizations in the US and Japan. The threat actor dubbed as BlackTech has been foind replacing device…

PravinKarthik September 29, 2023