CISA KEV Update Part I – June 2023

CISA KEV Update Part I – June 2023

US CISA have added a Progress MOVEit Transfer SQL injection vulnerability, tracked as CVE-2023-34362, to its Known Exploited Vulnerabilities Catalog. Threat actors are actively exploiting a zero-day vulnerability in the…
Gigabyte Motherboards Backdoor’ed

Gigabyte Motherboards Backdoor’ed

Researchers have identified a hidden mechanism in the firmware of motherboards manufactured by Taiwanese company Gigabyte that is primarily designed to update motherboard firmware, which could reportedly be exploited by…
MOVEit Vulnerability Exploited in Wild

MOVEit Vulnerability Exploited in Wild

Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product to steal data from organizations. MOVEit Transfer is a managed file transfer that is…
CasePoint Suffers a Data Breach

CasePoint Suffers a Data Breach

Casepoint,a legal discovery technology service provider to the U.S. Securities and Exchange Commission, the Department of Agricultural and various courts, has suffered a data breach. Casepoint said it’s investigating a…
CyberArk Identity Security Web Browser

CyberArk Identity Security Web Browser

CyberArk has announced an identity security web browser to enable organizations to better protect against attacks with a flexible, identity-based approach to securing employee and third-party access to enterprise resources.…
New macOS Vulnerability bypasses SIP

New macOS Vulnerability bypasses SIP

Researchers from Microsoft have discovered a new vulnerability in macOS that allows attackers with root access to bypass System Integrity Protection (SIP) and perform arbitrary operations on affected devices. Dubbed…