Cybersecurity Daily

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 24, 2023.

For the latest news on malware and ransomware, check out our weekly Malware Roundup.

Advisories

• More than 3,000 Openfire servers exposed to attacks using a new exploit
• Hackers use public ManageEngine exploit to breach internet org
• New stealthy techniques let hackers gain Windows SYSTEM privileges
• New Variant of XLoader macOS Malware Disguised as ‘OfficeNote’ Productivity App
• Ivanti Issues Fix for Critical Vuln in Its Sentry Gateway Technology
• Adobe Patches Critical Deserialization Vulnerability, but Exploits Persist
• New Juniper Junos OS Flaws Expose Devices to Remote Attacks – Patch Now
• Akira ransomware gang spotted targeting Cisco VPN products to hack organizations
• FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective
• Traders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-Day
• Rockwell ThinManager Vulnerabilities Could Expose Industrial HMIs to Attacks
• New Telegram Bot “Telekopye” Powering Large-scale Phishing Scams from Russia
• TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords
• Apache XML Graphics Batik Flaw Exposes Sensitive Information
• FBI Warns of Cryptocurrency Heists by North Korea’s Lazarus Group
• Attackers Dangle AI-Based Facebook Ad Lures to Hijack Business Accounts

[Read more…] about Cybersecurity Daily: August 24, 2023