CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-41713link is external Mitel MiCollab Path Traversal Vulnerability CVE-2024-55550link is external Mitel MiCollab Path Traversal Vulnerability CVE-2020-2883lin...

Informational: Impact of Malicious Code in XZ Tools and Libraries (CVE-2024-3094)

The Palo Alto Networks Product Security Assurance team has evaluated the supply chain compromise impacting versions 5.6.0 and 5.6.1 of XZ tools and libraries. These versions of the software may allow unauthorized access to affected systems. Based on the information presently known, Palo Alto...

Ransomware gangs and Living Off the Land (LOTL) attacks: A deep dive

We’ve told you about ransomware-as-a-service RaaS gangs; we’ve told you about living off the Land LOTL attacks. What do you get when you bring the two together? Bad news. Our recent report, Threat Brief: Ransomware Gangs & Living Off the Land Attacks, takes a deep dive into why the intersection o...