Since it appeared in July 2022, Play ransomware has launched devastating attacks on municipalities and critical infrastructure, agencies said.
Introducing a novel technique for e-mail spoofing
UK-based cybersecurity firm Sophos this week announced patches for an exploited vulnerability in Firewall versions that have reached End-of-Life (EOL).
The critical-severity flaw, tracked as CVE-2022-3236, was found to impact versions 19.0 MR1 (19.0.1) and older of the product. It was originally patched in September 2022, but only in supported versions of Sophos Firewall.
Sophos describes the security defect as a code injection issue in the Firewall’s User Portal and Webadmin components, allowing attackers to achieve remote code execution (RCE).
7 December 2023 - Apache Struts version 6.3.0.2 General Availability
The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.2 is available as a “General Availability” release. The GA designation is our highest quality grade.
The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework has been designed to streamline the full development cycle, from building, to deploying, to maintaining applications over time.
This version addresses a potential security vulnerability identified as CVE-2023-50164 and described in S2-066 - please read the mentioned security bulletins for more details. This is a drop-in replacement and upgrade should be straightforward.
Hackers tied to Russian military take responsibility for hack on Ukraine's biggest provider.
