PravinKarthik

JumpCloud attack attributed to Labyrinth Chollima

JumpCloud cloud directory-as-a-service provider unfazed a cyberattack that first came to light, which has been attributed to a North Korean hacking group. The attack was first detected as anomalous activity…

PravinKarthik July 21, 2023

Apache OpenMeetings Vulnerabilities

Researcher discovered three vulnerabilities in the open source Web application Apache OpenMeetings application can be used together into an attack chain that allows threat actors to take over a user…

PravinKarthik July 21, 2023

CISA KEV Update July 2023 – Part II

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29298 Adobe ColdFusion Improper Access Control Vulnerability CVE-2023-38205 Adobe ColdFusion Improper Access Control Vulnerability The…

PravinKarthik July 21, 2023

Estée Lauder Unfazes Double Ransomware Attack

Estée Lauder, a cosmetic conglomerate, has been listed on the data leak sites of BlackCat and Clop group. The Estée Lauder Companies verified one of the attacks, stating that the…

PravinKarthik July 20, 2023

CVE-2023-38408: OpenSSH RCE Vulnerability

Researchers from Qualys Security has discovered a remote code execution vulnerability in OpenSSH’s forwarded ssh-agent tracked as CVE-2023-38408. OpenSSH is an open-source implementation of the SSH protocol, offers a robust…

PravinKarthik July 20, 2023

Tenable Unveiled Agentless Container scanning Methodology

Tenable has announced new Tenable Cloud Security features that deliver automated OS vulnerability detection across container images, registries, and pipelines. Building on existing exposure management capabilities, Tenable Cloud Security enables…

PravinKarthik July 20, 2023

CISA KEV Update July 2023 – Part I

CISA has added several new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation during the month of July 2023. Here, the list of vulnerabilities is listed…

PravinKarthik July 20, 2023

Citrix NetScaler ADC Zeroday Flaw

Citrix has urged its customers to patch NetScaler ADC and Gateway products after discovering a critical-severity zero-day vulnerability. The flaw tracked as CVE-2023-3519, with a CVSS score of 9.8, is…

PravinKarthik July 20, 2023