The main attacks and vulnerabilities compiled by our experts last week: 28th January—3rd February

Check in our weekly report the main attacks and vulnerabilities found by our teams of experts.

Here are the most relevant headlines of the week, download our full report and take note:

LockBit Green: new LockBit variant

Researchers at vx-underground have recently detected that a new ransomware variant, called LockBit Green, is being used by the LockBit ransomware handlers.

GitHub revokes compromised Desktop and Atom certificates

Github has taken the decision to revoke a number of certificates used for its Desktop and Atom applications after they were compromised in a security incident in December.

PoC available for KeePass vulnerability

KeePass has recently discovered a vulnerability in its software for which a PoC has already been released. The flaw is identified as CVE-2023-24055.

Two new vulnerabilities in CISCO devices

Researchers at Trellix have warned of two vulnerabilities in Cisco devices. The first, identified as CVE-2023-20076 and with a manufacturer’s CVSS of 7.2; The second bug, so far identified with Cisco bug ID CSCwc67015, would allow an attacker to remotely execute code and overwrite existing files. 

Lazarus campaign against energy and healthcare companies

WithSecure has published extensive research on the latest campaign by the APT Lazarus, allegedly backed by North Korea. 


Related news

Stay up to date. Get the latest news and trends
Sign Up