2023 – Page 6 – TheCyberThrone

Ransomware groups collaborate in an attack campaign

Researchers from ReSecurity have discovered a connection between multiple ransomeware gangs. In a recent Digital Forensics & Incident Response with a law enforcement agency, this was discovered. Resecurity’s spotted the…

PravinKarthik December 15, 2023

CozyBear exploiting JetBrains flaw – CVE-2023-42793

Russian Cozybear group is infiltrating JetBrains TeamCity servers using a critical vulnerability enabling authorization bypass and arbitrary code execution, government officials warn. As said, the threat actors have been exploiting…

PravinKarthik December 15, 2023

Kraft Heinz unfazes cyber attack. Snatch claims responsibility

Kraft Heinz Co. is investigating a cyberattack that resulted in the alleged theft of data by a ransomware group. This came into light after the Snatch ransomware gang named Kraft…

PravinKarthik December 15, 2023

Sophos Released Hotfixes for CVE-2022-3236

A critical vulnerability in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious code remotely. The vulnerability tracked CVE-2022-3236 with a CVSS score of 9.8, enables attackers…

PravinKarthik December 14, 2023

Critical WordPress Plugin affects 90K Sites – CVE-2023-6553

Researchers have identified a critical vulnerability in a popular plugin has exposed thousands of websites to a potential takeover. This vulnerability, tracked as CVE-2023-6553 with a CVSS score of 9.8,…

PravinKarthik December 13, 2023

Microsoft Patch Tuesday – December 2023

Microsoft patched 34 CVEs in its December 2023 Patch Tuesday release, zero day fix for AMD, four rated critical and 29 rated as important. This does not include 8 Microsoft…

PravinKarthik December 13, 2023

Chinese Threat actors infiltrating Critical US Infrastructure

Officials and security researchers from the US are warning that the Chinese military is allegedly attempting to infiltrate critical infrastructure, including power and water utilities and transportation systems in the…

PravinKarthik December 12, 2023

Log4j 2nd Year Anniversary Still a Pain

Recent research reports reveal that even after two years, several organizations are still vulnerable to Log4j. The analysis is done between August 15 and November 38,278, covering unique applications running…

PravinKarthik December 11, 2023