Active exploitation of two critical flaws impacting Mitel's MiVoice Connect business communications platform has resulted in their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, according to SecurityWeek.
Threat actors with internal network access could leverage the vulnerabilities, tracked as CVE-2022-40765 and CVE-2022-41223, to enable arbitrary code execution. Federal agencies have been ordered to address the flaws by March 14.
Mitel released patches in October. While no public information regarding attacks exploiting the flaws has been recorded, CrowdStrike previously observed threat actors leveraging an older zero-day flaw, tracked as CVE-2022-29499. That bug has already been used by the Lorenz ransomware operation, while another Mitel vulnerability, tracked as CVE-2022-26143, was used in distributed denial-of-service attacks.
Another Mitel flaw dating back to 2010 was also reported earlier this month by Palo Alto Networks to be targeted by the novel Mirai botnet variant V3G4.