Tag: cve
-
macOS HM Surf flaw in TCC allows bypass Safari privacy settings
Microsoft disclosed a flaw in the macOS Apple’s Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulnerability, tracked as CVE-2024-44133 and code-named ‘HM Surf’, in Apple’s Transparency, Consent, and Control (TCC) framework in macOS. Apple’s Transparency, Consent, and Control framework in macOS…
-
SolarWinds Web Help Desk Vulnerability Allows Remote Code Execution
A critical vulnerability in SolarWinds Web Help Desk has been identified. It could allow attackers to execute arbitrary code on affected systems. The vulnerability tracked as CVE-2024-28988 was discovered by the Trend Micro Zero Day Initiative (ZDI) team during their investigation into a previous security flaw. CVE-2024-28988: Java Deserialization Flaw The vulnerability stems from a…
-
Critical Vulnerability in Kubernetes Image Builder Exposes Nodes to Root Access
A new security risk has emerged in the Kubernetes Image Builder, posing a critical threat to organizations that utilize this tool for managing their containerized environments. The Kubernetes Image Builder vulnerability tracked as CVE-2024-9486, has been assigned a CVSS score of 9.8, indicating its severity. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/kubernetes-image-builder-vulnerability/
-
Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser
Microsoft has disclosed details about a now-patched security flaw in Apple’s Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user’s privacy preferences and access data.The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of…
-
CVE-2024-9381 Ivanti CSA Security Vulnerability October 2024
A critical vulnerability (CVE-2024-9381) in Ivanti’s Cloud Services Appliance allows attackers to bypass security measures and execute arbitrary code. Affected Platform CVE-2024-9381 impacts Ivanti’s Cloud Services Appliance (CSA), a critical component used in secure remote access for enterprise environments, affecting CSA versions prior to the latest patch. Ivanti CSA provides a secure bridge for cloud……
-
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances.The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability.”A security issue First seen…
-
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX
VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability is an authenticated SQL injection vulnerability in HCX, it was privately…
-
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups
Veeam has addressed a severe vulnerability in its widely utilized Backup & Replication tool, CVE-2024-40711. This critical flaw has a staggering Common Vulnerability Scoring System (CVSS) score of 9.8. Ransomware gangs have already begun exploiting this Veeam vulnerability, particularly deploying Akira and Fog ransomware in targeted attacks. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/critical-veeam-vulnerability-2/
-
Oracle October 2024 Critical Patch Update Addresses 198 CVEs
Oracle addresses 198 CVEs in its fourth quarterly update of 2024 with 334 patches, including 35 critical updates. Background On October 15, Oracle released its Critical Patch Update (CPU) for October 2024, the fourth and final quarterly update of the year. This CPU contains fixes for 198 CVEs in 334 security updates across 28 Oracle…
-
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
Tags: cisa, credentials, cve, cybersecurity, exploit, flaw, infrastructure, kev, software, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.Tracked as CVE-2024-28987 (CVSS score: 9.1), the vulnerability relates to a case of hard-coded credentials that could be abused to gain First…
-
Critical CVE in 4 Fortinet products actively exploited
CISA added the format string vulnerability to its known exploited vulnerabilities catalog last week, months after it was first disclosed by the company. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-cve-fortinet-exploited/729736/
-
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/15/cve-2024-23113/
-
How DDoS Botent is used to Infect your Network?
DDoS botnet gained attention a few years ago due to its record-breaking attacks, but the emergence of new threats in 2024 illustrates the evolving tactics of cyber attackers. The cyber threat landscape is in constant flux, with vulnerabilities like Zyxel’s CVE-2023-28771 being exploited and MySQL servers coming under fire from variants like Ddostf and Mirai’s……
-
Imperva Defends Against Targeted Exploits Used By APT29 Hackers
Recently, U.S. and U.K. cyber agencies have warned of a renewed wave of attacks led by Russian APT29 hackers. These sophisticated threat actors have been actively exploiting vulnerabilities in Zimbra Collaboration Suite and JetBrains TeamCity, specifically CVE-2022-27924 and CVE-2023-42793, to target critical systems. At Imperva, we are committed to ensuring our customers remain secure from……
-
Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure
Trend Micro researchers have uncovered a series of advanced cyberattacks carried out by the threat group Earth Simnavaz, also known as APT34 or OilRig. This Iranian-linked cyber espionage group has... First seen on securityonline.info Jump to article: securityonline.info/earth-simnavaz-exploits-windows-kernel-flaw-cve-2024-30088-in-attacks-on-critical-infrastructure/
-
U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog
Tags: cisa, cloud, cve, cybersecurity, exploit, fortinet, infrastructure, ivanti, kev, service, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Last week, Ivanti warned of three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA)…
-
Perfectl Malware
Perfectl in an impressive piece of malware: The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. It can also exploit CVE-2023-33246, a vulnerability with a severity…
-
pac4j Java Framework Vulnerable to RCE Attacks
A critical security vulnerability has been discovered in the popular Java framework pac4j. The vulnerability specifically affects versions before 4.0 of the pac4j-core module. This vulnerability, identified as CVE-2023-25581, exposes systems to potential remote code execution (RCE) attacks due to a flaw in the deserialization process. Vulnerability Details CVE-2023-25581 The issue stems from a […]…
-
Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware
Tags: attack, backup, credentials, cve, exploit, flaw, ransomware, sophos, threat, veeam, vpn, vulnerabilityThreat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware.Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware.CVE-2024-40711, rated 9.8 out…
-
Ransomware operators exploited Veeam Backup Replication flaw CVE-2024-40711 in recent attacks
Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. In early September 2024, Veeam released security updates to address multiple vulnerabilities impacting its products,…
-
New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution
GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches.Tracked as CVE-2024-9164, the vulnerability carries a CVSS score of 9.6 out of 10.”An issue was discovered in GitLab EE…
-
Vulnerability Prioritization the Magic 8 Ball
Last month marks 25 years of operation for the CVE (Common Vulnerabilities and Exposures) program, launched in September 1999. It’s difficult to imagine a world without CVEs. Much of the “vulnerability management” activities, before the CVE program became popular, relied on matching version numbers from remote scans and executing shady exploits found in dark places on……
-
Trio of Ivanti CSA zero-day vulnerabilities under exploit threat
The latest round of exploitation follows more than three weeks of CVE disclosures involving various Ivanti products.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ivanti-zero-day-vulnerabilities-exploitation/729354/
-
Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks
A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being actively exploited in cyberattacks. With a CVSS base score of 9.8, the flaw is identified as Use-after-free in the Animation timeline component tracked as CVE-2024-9680 reported by Damien Schaeffer from ESET.” An attacker was able to achieve code execution in the…