Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.9 Cisco IOS XE software release train with the 17.9.4a update. According to Cisco's Security…

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-5631 Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in…

VMware released a security advisory for vulnerabilities (CVE-2023-34048, CVE-2023-34056) affecting the VMware vCenter Server. A remote cyber actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the VMware vCenter Server Out-of-Bounds Write Vulnerability advisory and apply the necessary updates.…

A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted…

CISA has released actionable guidance for Federal Civilian Executive Branch (FCEB) agencies to help them evaluate and mitigate the risk of volumetric distributed denial-of-service (DDoS) attacks against their websites and related web services. The Capacity Enhancement Guide: Volumetric DDoS Against Web Services Technical Guidance:   Helps agencies prioritize DDoS mitigations…

The Cybersecurity and Infrastructure Security Agency (CISA) has released an update to a previously published Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells. The CSA—originally released to warn network defenders of critical infrastructure organizations about threat actors exploiting CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting…

Apple has released security updates to address a vulnerability in multiple products. A cyber threat actor could exploit this vulnerability to take control of an affected device.CISA encourages users and administrators to review the following advisories and apply the necessary updates. iOS 15.7.9 and iPadOS 15.7.9 macOS Monterey 12.6.9 macOS…

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-22265 Samsung Mobile Devices Use-After-Free Vulnerability CVE-2014-8361 Realtek SDK Improper Input Validation Vulnerability CVE-2017-6884 Zyxel EMG2926 Routers Command Injection Vulnerability CVE-2021-3129 Laravel Ignition File Upload Vulnerability CVE-2022-31459 Owl Labs Meeting Owl Inadequate Encryption Strength Vulnerability CVE-2022-31461 Owl Labs Meeting…

Fortinet has released security updates to address vulnerabilities (CVE-2023-29183 and CVE-2023-34984) affecting FortiOS, FortiProxy, and FortiWeb. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Fortinet security advisories (FG-IR-23-106 and FG-IR-23-068) and apply the necessary updates. Source:…

New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat actors to remotely execute commands on infected devices. The HTTPSnoop malware interfaces with Windows HTTP kernel drivers and devices to execute content on the infected endpoint based on specific HTTP(S)…