Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. [...]
A patch for the max severity zero-day bug tracked as CVE-2023-20198 is coming soon, but the bug has already led to the compromise of tens of thousands of Cisco devices. And now, there's a new unpatched threat.
More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. [...]
Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]
The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge.
A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August, security researchers announced. [...]
Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.
Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.