Date: June 12, 2024 Focus: Active Exploits, Zero-Day Vulnerabilities, and Critical Intelligence
As we pass the midpoint of June 2024, the cybersecurity landscape is witnessing a sharp uptick in activity. This week’s bulletin highlights critical zero-day vulnerabilities currently being exploited in the wild and updates the "Hitlist"—a roster of the most targeted vulnerabilities currently facing enterprise environments. 0-day and Hitlist Week -06-12-2024-
Security teams are advised to prioritize patching and mitigation for the following issues immediately. Date: June 12, 2024 Focus: Active Exploits, Zero-Day
CVE: CVE-2023-22527 Status: Explosion in Activity Despite being disclosed in early 2024, scanning for this template injection vulnerability has spiked by 300% this week. Ransomware groups are specifically targeting unpatched Confluence instances to deploy encryptors. CVE-2024-21683 | CVSS: 9
CVE-2024-5806 Progress Software released a patch for MOVEit Transfer on June 11th, confirming that this vulnerability was already being exploited in the wild.
CVE-2024-21683 | CVSS: 9.8 (Critical) Atlassian released a patch for a Remote Code Execution (RCE) vulnerability in Confluence Data Center.
This is awkward, but...
It looks like you're using an ad blocker. We get it, but (1) terrylove.com can't live without ads, and (2) ad blockers can cause issues with videos and comments. If you'd like to support the site, please allow ads.
If any particular ad is your REASON for blocking ads, please let us know. We might be able to do something about it. Thanks.