Welcome to another Afternoon Dessert breakout:
Atlassian fixes critical bug giving access to Jira Service Management
A critical vulnerability in Atlassian’s Jira Service Management Server and Data Center could allow an unauthenticated attacker to impersonate other users and gain remote access to the systems. […]
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise.
Some of the notable malware families that are being distributed using this method include AsyncRAT, RedLine Stealer, Agent Tesla, DOUBLEBACK, Quasar RAT, XWorm, Qakbot, BATLOADER, and FormBook.
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered
Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely shut down charging stations and even expose them to data and energy theft.
The findings, which come from Israel-based SaiFlow, once again demonstrate the potential risks facing the EV charging infrastructure.
The issues have been identified in version 1.6J of the Open Charge
GoAnywhere MFT zero-day vulnerability lets hackers breach servers
The developers of the GoAnywhere MFT file transfer solution are warning customers of a zero-day remote code execution vulnerability on exposed administrator consoles. […]
Florida hospital takes IT systems offline after cyberattack
Tallahassee Memorial HealthCare (TMH) has taken its IT systems offline and suspended non-emergency procedures following a late Thursday cyberattack. […]