Microsoft Exchange servers used by Ukraine's and Eastern Europe's defense sector have been targeted in new attacks by Russian state-backed hacking group Turla, also known as UAC-0003, KRYPTON, and Secret Blizzard, deploying the novel DeliveryCheck backdoor, BleepingComputer reports.
SecurityWeek reports that several recently addressed memory corruption vulnerabilities in the GE Cimplicity human-machine interface and supervisory control and data acquisition system, tracked as CVE-2023-3463, were noted by cybersecurity researcher Michael Heinzl, who discovered the bugs, to be similar to those exploited in attacks by the Russian state-sponsored threat operation Sandworm nearly a decade ago.
Citrix has disclosed that vulnerable NetScaler Application Delivery Controller and Gateway instances have been targeted in ongoing attacks leveraging the critical remote code execution flaw, tracked as CVE-2023-3519, The Hacker News reports.
Standard license holders will get access to more than 30 types of logging previously available to higher paying customers, and all logs will be stored for twice as long, 180 days, by default.
Android users have been lured to install malicious web apps through the exploitation of the platform's WebAPK technology, according to The Hacker News.