17 November 2023

  • Notable vulnerabilities added to the Known Exploited Vulnerabilities (KEV) catalog by CISA, including a critical Windows security bypass (CVE-2023-1671) and a Microsoft Windows Mark-of-the-Web (MotW) flaw (CVE-2023-36584).

  • Demonstrated attack methods against Google Workspace and the Google Cloud Platform could potentially be leveraged for ransomware, data exfiltration, and password recovery attacks, posing significant risks to user data and cloud-based services.

  • FBI and CISA release an advisory on Scattered Spider, a hacking collective collaborating with the ALPHV/BlackCat Russian ransomware group, highlighting their evasive tactics.

  • Toyota Financial Services (TFS) confirms unauthorized access after a Medusa ransomware attack targeted its systems in Europe and Africa.

  • Google TAG reports four hacker groups exploiting a zero-day flaw (CVE-2023-37580) in Zimbra Collaboration email software, leading to data theft and credential compromise.

  • Fortinet warns customers about a critical OS command injection vulnerability in FortiSIEM report server, posing a risk of remote code execution by unauthenticated attackers.

zimbrafortinetzaro-daytoyotacisafbigoogle workspaceransomware


Subscribe to our newsletter to stay informed about CyberSecurity news. You can unsubscribe at any time.

More than Cyber Security

We offer a variety of services to help companies be prepared for real cyber-attacks.

Contact Us