h1: Adobe Releases Updates to Address Critical ColdFusion Flaw h2: Incomplete Fix for CVE-2023-38205 Adobe has released a new set of updates to address an incomplete fix for a critical security flaw in ColdFusion. The flaw, known as CVE-2023-38205, has been actively exploited in the wild and has a CVSS score of 7.5. h2: Improper
Read More
🔒 US Agencies Release Recommendations to Improve Security of 5G Network Slicing Key Points: US cybersecurity and intelligence agencies have issued recommendations for enhancing security in 5G standalone network slicing. Network slicing allows operators to divide a single physical network into multiple virtual networks. The agencies recommend implementing a risk-based approach to identify and address
Read More
The Growing Attack Surface: Why It’s a Concern The attack surface is continuously expanding, outpacing the ability of security teams to keep up. In order to effectively protect your organization, it is vital to understand what is exposed and where attackers are likely to strike. With the prevalence of cloud migration and the subsequent increase
Read More
APT41 Unleashes Android Spyware Introduction The notorious China-linked nation-state actor, APT41, has recently been discovered to be behind the creation of two new strains of Android spyware. These strains, named WyrmSpy and DragonEgg, have not been previously documented. Main Points APT41, known for exploiting web-facing applications and infiltrating traditional endpoint devices, now adds mobile endpoints
Read More
Potential Privilege Escalation Vulnerability in Google Cloud Uncovered Bad.Build Vulnerability in Google Cloud Build Service The Discovery Cybersecurity researchers have recently discovered a privilege escalation vulnerability in Google Cloud. This vulnerability, dubbed “Bad.Build,” has the potential to allow malicious actors to tamper with application images and infect users. The issue is rooted in the Google
Read More
The U.S. Government Adds Cytrox and Intellexa to Economic Blocklist for Cyber Espionage Introduction The U.S. government has recently taken action against two foreign commercial spyware vendors, Cytrox and Intellexa. These companies have now been added to an economic blocklist due to their use of cyber exploits to gain unauthorized access to devices. This move
Read More
Citrix Discovers Critical Security Flaw in NetScaler ADC and Gateway Overview: Citrix has recently identified a critical security vulnerability in its NetScaler Application Delivery Controller (ADC) and Gateway platforms. This flaw, known as CVE-2023-3519, is currently being actively exploited in the wild. It involves code injection, which may lead to unauthenticated remote code execution. The
Read More
ShadowPad Compromises Multiple Entities in Pakistan An unidentified threat actor infiltrated an application used by various entities in Pakistan to distribute ShadowPad, a backdoor commonly associated with Chinese hacking groups. An application used by multiple organizations in Pakistan became the target of a cyber attack. The attacker used the compromised application to deliver ShadowPad, a
Read More
New Partnership Aims to Harness the Power of Artificial Intelligence for Local News A $5+ Million Collaboration to Empower Local News Organizations and AI Technology In an exciting development for the local news industry, a dynamic partnership has been formed with the goal of exploring how artificial intelligence (AI) can revolutionize the way local news
Read More
Cybersixgill’s Monthly Threat Reports: Uncovering the Shady World of Threat Actors Stay Ahead of the Game with Insider Information from the Cybersecurity Experts Cybersixgill, a leading cybersecurity company, brings you captivating and eye-opening stories about the latest tactics, techniques, and procedures used by threat actors in the dark corners of the internet. Through their monthly
Read MoreNo products in the cart.