ConnectWise Leaked LockBit malware deployed in ScreenConnect attacks – 600+ IPs seen attacking 8,200 instances , and The Stack February 23, 2024
vulnerabilities CVSS 10 ConnectWise vulnerability “extremely trivial to reverse and exploit” as POC lands, attacks start , and The Stack February 21, 2024
Patch Tuesday February’s Patch Tuesday brings exploited zero days, Exchange Server headaches , and Edward Targett February 14, 2024
Ivanti Ivanti 0day fest continues with fresh bugs, attacks, as CISA tells federal agencies "just disconnect" , and Edward Targett February 2, 2024
vulnerabilities Exploit released for fresh Fortra GoAnywhere bug: CVSS 9.8 and again, nasty. Patch up. , and The Stack January 24, 2024
vulnerabilities vCenter Server vulnerability went exploited for two years unnoticed. Attacks are ongoing , and Edward Targett January 19, 2024
Cybersecurity Ivanti VPN appliance exploitation now happening at scale , and The Stack January 16, 2024
vulnerabilities Pre-auth RCE zero days in Ivanti VPNs are being exploited by a Chinese APT and there won’t be a patch for weeks. Buckle up. , and Edward Targett January 10, 2024
Cybersecurity Software licensing bug percolates pre-auth RCE risk downstream to PLC-land , and The Stack January 8, 2024
Patch Tuesday A December Patch Tuesday recap: Azure Logic Apps, Power Platform get critical fix , and The Stack December 13, 2023
SolarWinds SolarWinds sued by SEC over 2019 monster hack, CISO also charged with fraud, control failures , and Edward Targett October 31, 2023
Citrix Citrix Bleed: Two ransomware groups now exploiting bug for initial access , and Steve Ranger October 31, 2023
News Zero day in free Roundcube webmail service exploited to target governments , and Steve Ranger October 27, 2023
News Patch Tuesday is 20: Curl fix lands, Skype’s under attack and there’s a wormable pre-auth RCE in the mix , and Edward Targett October 11, 2023
