Bleeping Computer

Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The ...
SecurityWeek

Cisco Patches High-Severity Vulnerabilities in Enterprise Products

Cisco has released patches for several high-severity vulnerabilities that could lead to code execution, SSRF attacks, and DoS ...
Hosted on MSN

Cisco issues fixes for high-severity flaws in enterprise tools

Cisco has released patches for multiple vulnerabilities in its enterprise products, including five high-severity flaws that could enable server-side request forgery, code execution, or ...
Dark Reading

Microsoft Patches 4 SSRF Flaws in Separate Azure Cloud Services

Microsoft has fixed vulnerabilities in four separate services of its Azure cloud platform, two of which could have allowed attackers to perform a server-side request forgery (SSRF) attack — and thus ...
Redmond Magazine

Microsoft Confirms Two Zero Day Exploits of Exchange Server

Exchange Server products are potential subject two newly disclosed "zero-day" vulnerabilities that are under exploit, Microsoft acknowledged, in a Thursday announcement. The two vulnerabilities are ...
VentureBeat

Microsoft confirms hackers are actively exploiting Exchange zero-day flaws

Microsoft Exchange server is one of those enterprise staples, but it's also a key target for cybercriminals. Last week, GTSC reported attacks had begun chaining two new zero-day Exchange exploits as ...
Dark Reading

Rackspace: Ransomware Attack Bypassed ProxyNotShell Mitigations

Managed cloud hosting services company Rackspace Technology has confirmed that the massive Dec. 2 ransomware attack that disrupted email services for thousands of its small-to-midsized business ...