Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 17, 2023.
Advisories
- Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning
- Two unauthenticated stack buffer overflows found in Ivanti Avalanche EMM
- Citrix ADC, Gateways Still Backdoored, Even After Being Patched
- Cisco Unified Communications Manager Flaw Let Attacker Launch SQL Injection Attacks
- New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode
- Patch Now: OpenNMS Bug Steals Data, Triggers Denial of Service
- Report: PowerShell Gallery susceptible to typosquatting and other package-management attacks
- Kubernetes clusters face widespread attacks across numerous organizations
- New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities
- Gigabud RAT Attacking Android Users to Steal Banking Credentials
- Thousands of Android APKs use compression trick to thwart analysis
Industry News
- Massive 400,000 proxy botnet built with stealthy malware infections
- Cleaning Products manufacturer Clorox Company took some systems offline after a cyberattack
- Malicious QR Codes Used in Phishing Attack Targeting US Energy Company
- File sharing site Anonfiles shuts down due to overwhelming abuse
- AI Steals Passwords by Listening to Keystrokes With Scary Accuracy
- Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
- Google Introduces First Quantum Resilient FIDO2 Security Key Implementation
- Dig Security State of Cloud Data Security 2023 Report Finds Exposed Sensitive Data in More Than 30% of Cloud Assets
- GitHub Paid Out $1.5 Million in Bug Bounties in 2022
Products & Service
- Mandiant Releases Scanner to Identify Compromised NetScaler ADC, Gateway
- Kaspersky Password Manager Adds 2FA One-Time Password Storage and New Browser Support
- Semperis aims to ensure security in Active Directory migrations, consolidation
- Beyond Identity unveils The Passkey Journey to aid enterprise passkey deployment decisions
- Cato Networks Named a “Leader” in Zero Trust Edge (ZTE) Report by Leading Research Firm
- SentinelOne Singularity App for Netskope secures remote work from endpoint to cloud