Two Ivanti VPN zero-days enable remote code execution; Volexity links the attacks to UTA0178 and urges urgent patching and forensic investigation.
By Natacha Bakir
Log4Shell (CVE-2021-44228) is a critical flaw in Log4j 2 allowing remote code execution, affecting millions of systems worldwide.
By Rayan Annabi
CVE-2023-22518 allows remote attackers to reset Confluence servers and deploy ransomware; patching and backups are critical for defense.
By Leo Duntze
Zerologon (CVE-2020-1472) is a critical flaw allowing attackers to gain domain admin access via Netlogon by exploiting weak AES encryption.
By Leo Duntze
Read the full "Cloud Snooper Threat Report" PDF to learn more about this threat.
By Natacha Bakir
