What is the Vulnerability?Multiple zero-day vulnerabilities have been identified in VMware’s ESXi, Workstation, and Fusion products. VMware has confirmed that these vulnerabilities are being actively exploited in the wild, and the Cybersecurity and Infrastructure Security Agency (CISA) has included them in its Known Exploited Vulnerabilities Catalog due to evidence of such exploitation.The vendor advisory indicates…
CISOs should add more to their vision than technology as a global report published by the World Economic Forum identifies a closely interconnected cocktail of risk
What is the Vulnerability?Threat actors are actively exploiting vulnerabilities in the Hitachi Vantara Pentaho Business Analytics Server. FortiGuard network sensors have detected attack attempts on over 500 devices, and CISA has added these vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation.The Pentaho Business Analytics Server is widely used, trusted by 73% of…
The now-patched bugs are under active exploit and enable attackers to carry out a wide range of malicious activities, including escaping a virtual machine and gaining access to the underlying host.
Palo Alto Networks’ Unit 42 details how a threat actor is dodging detection with careful targeting and the use of Amazon’s native email tools.
Amnesty International said Serbian police used an exploit chain in tandem with legitimate mobile extraction dongle from vendor Cellebrite in an attack that brings up questions around ethical technology development.