Threat & Research Team Blog
Recent Exploits Target Citrix and VMware Vulnerabilities
Critical ownCloud Vulnerability Exposes Admin Passwords – Actively Exploited by Hackers
OwnCloud, a popular open-source file-sharing application, is grappling with a critical security crisis, as revealed in three security bulletins. The most severe flaw, CVE-2023-49103, scored a maximum CVSS v3 rating of 10, potentially exposing sensitive information, including admin passwords, mail server credentials, and license keys.
MOVEit Transfer Critical Vulnerability Discovered – Patch Now
A critical vulnerability has been found in Progress MOVEit Transfer, posing a significant risk of unauthorized access and elevated privileges through SQL injection. The impact of this vulnerability has been felt across various sectors, including government, finance, media, aviation, and healthcare. The severity of the situation is highlighted by reports of data theft and exfiltration from prominent organizations within these industries.
