The US Cybersecurity and Infrastructure Security Agency (CISA) has identified a medium-severity vulnerability in Versa Director, which has been exploited actively. Tracked as CVE-2024-39717, the flaw involves a file upload bug in the “Change Favicon” feature, enabling threat actors to upload malicious files disguised as PNG image files. Federal Civilian Executive Branch agencies are required to apply vendor-provided fixes by September 13, 2024.
Microsoft seizes 338 websites to disrupt rapidly growing ‘RaccoonO365’ phishing service
Giles Bruce reports: Microsoft has seized 338 phishing websites associated with a cybercrime service that targeted at least 20 U.S. healthcare organizations. Using a court order granted
