-
![]()
Critical SQL Injection Vulnerability Uncovered in MOVEit Transfer
Progress Software Corporation has recently disclosed a critical vulnerability in its MOVEit Transfer web application, urging users to take immediate action to mitigate the risk. The vulnerability, officially designated as CVE-2023-34362, is an SQL Injection vulnerability that could potentially lead to escalated privileges and unauthorized access. It affects versions prior to 2021.0.6 (13.0.6), 2021.1.4 (13.1.4),…
-
![]()
Lazarus Group Targets Windows IIS Web Servers in Recent Cyber Attacks
The Lazarus Group, a hacker collective known to receive national-level support, has been spotted in new attacks targeting Windows IIS web servers. AhnLab Security Emergency Response Center (ASEC) recently confirmed this activity, highlighting the group’s continued use of sophisticated techniques to compromise vulnerable systems. The group’s initial infiltration method relies on DLL side-loading, a technique…
