Remove 09
Remove 2021 Remove Data Remove Information Security Remove Security
article thumbnail

USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw

Security Affairs

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. . US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend.

article thumbnail

Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence

Security Affairs

Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. At the end of August, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product. link] — U.S.

Mining 106
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN

Security Affairs

Palo Alto Networks disclosed a critical remote code execution vulnerability, tracked as CVE-2021-3064 , in its GlobalProtect portal and gateway interfaces. “CVE-2021-3064 is a buffer overflow that occurs while parsing user-supplied input into a fixed-length location on the stack. 2021-11-10: This report was published.

Access 117
article thumbnail

New RedLine malware version distributed as fake Omicron stat counter

Security Affairs

The RedLine malware allows operators to steal several information, including credentials, credit card data, cookies, autocomplete information stored in browsers, cryptocurrency wallets, credentials stored in VPN clients and FTP clients. “Some telemetry data is shown below. 2021-12-22 18:38:18 2021-12-23 11:33:58.

article thumbnail

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

article thumbnail

North Korea-linked Konni APT targets Russian diplomatic bodies

Security Affairs

Security researchers at Cluster25 uncovered a recent campaign carried out by the North Korea-linked Konni APT group aimed at Russian diplomatic entities that used new versions of malware implants. The RAT was able to avoid detection due to continuous evolution, it is able of executing arbitrary code on the target systems and stealing data.

Phishing 143
article thumbnail

Multiple experts released exploits for Linux local privilege escalation flaw Looney Tunables

Security Affairs

This vulnerability was introduced in April 2021.” ” Multiple security researchers have already developed their own proof-of-concept exploits for this flaw. ” Below is the disclosure timeline: 2023-09-04: Advisory and exploit sent to secalert@redhat. 2023-09-19: Advisory and patch sent to linux-distros@openwall.

Libraries 113