Tag: cve
-
A botnet exploits e GeoVision zero-day to compromise EoL devices
by
in SecurityNewsA botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow up. Researchers at the Shadowserver Foundation observed a botnet exploiting a zero-day in GeoVision EOL (end-of-Life) devices to compromise devices in the wild. The GeoVision zero-day, tracked as CVE-2024-11120 (CVSS 9.8), is a pre-auth command injection vulnerability…
-
MSSP Market Update: Microsoft Adds Machine-Readable Files to CVE Releases
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/mssp-market-update-microsoft-adds-machine-readable-files-to-cve-releases
-
Exchange 2016/2019 warnen nun vor Ausnutzung der Spoofing-Schwachstelle CVE-2024-49040 in E-Mails
by
in SecurityNewsMit dem Sicherheitsupdate vom November 2024 hat Microsoft seine Exchange 2016- und Exchange 2019-Server mit einer neuen Funktion versehen. Microsoft Exchange warnt nun bei empfangen zu E-Mails, die eine Spoofing-Schwachstelle (Exchange Server non-RFC compliant P2 FROM header detection) ausnutzen. Einziges … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/16/exchange-2016-2019-warnen-nun-vor-ausnutzung-einer-spoofing-schwachstelle-in-e-mails/
-
Schwachstelle in CrushFTP; aktualisieren
by
in SecurityNewsKurzer Hinweis an Nutzer, die CrushFTP verwenden. Ein Blog-Leser hat mich darüber informiert, dass dort eine gravierende Schwachstelle entdeckt worden sei (öffentlich gemacht am 11. November 2024). Es gibt aber Updates, bei denen diese Schwachstelle, für die noch kein CVE … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/15/schwachstelle-in-crushftp-aktualisieren/
-
Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely
by
in SecurityNewsA critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors to remotely compromise affected devices. The vulnerability, identified as CVE-2024-11237, affects TP-Link VN020 F3v(T) routers running firmware version TT_V6.2.1021, which are primarily deployed through Tunisie Telecom and Topnet ISPs. Similar variants of the router used in Algeria and Morocco are…
-
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog. The post CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-two-more-palo-alto-expedition-flaws-exploited-in-attacks/
-
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
by
in SecurityNewsAttackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/15/cve-2024-9463-cve-2024-9465/
-
CISA Warns of Actors Exploiting Two Palo Alto Networks Vulnerabilities
by
in SecurityNews
Tags: cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, malicious, network, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, CVE-2024-9463 and CVE-2024-9465, are reportedly actively exploited by malicious cyber actors. CISA emphasizes that both vulnerabilities pose significant risks, particularly to federal systems. CVE-2024-9463: Palo…
-
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
by
in SecurityNewsCybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure.The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.Environment variables are user-defined values that can allow a program First seen on thehackernews.com…
-
Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices
by
in SecurityNewsThe exploitation of the recently disclosed ‘won’t fix’ issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure. Days after D-Link announced it wouldn’t patch a critical vulnerability, tracked as CVE-2024-10914 (CVSS score of 9.8), in legacy D-Link NAS devices, that threat actors started attempting to exploit. The vulnerability CVE-2024-10914 is a command…
-
NIST Clears Backlog of Known Security Flaws but Not All Vulnerabilities
by
in SecurityNewsNIST, the embattled agency that analyzes security vulnerabilities, has cleared the backlog of known CVEs that hadn’t been processed but needs more time to clear the entire backlog of unanalyzed flaws. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/nist-clears-backlog-of-known-security-flaws-but-not-all-vulnerabilities/
-
Citrix Session Recording users warned of CVEs that allow hackers to gain control
by
in SecurityNewsSecurity researchers at watchTowr discovered the flaw and claim attackers can gain access without authentication, a finding which Citrix disputes. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/citrix-session-recording-cves-hackers/732794/
-
NIST is chipping away at NVD backlog
by
in SecurityNewsThe National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/14/nist-nvd-backlog/
-
NIST Explains Why It Failed to Clear CVE Backlog
by
in SecurityNewsNIST says all known exploited CVEs in the backlog have been addressed, but admitted that clearing the entire backlog by October was optimistic. The post NIST Explains Why It Failed to Clear CVE Backlog appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/nist-explains-why-it-failed-to-clear-cve-backlog/
-
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
by
in SecurityNewsGoogle has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild.The vulnerability, tracke… First seen on thehackernews.com Jump to article: thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html
-
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
by
in SecurityNewsCVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/14/cve-2024-43451-exploited/
-
Google to Issue CVEs for Critical Cloud Vulnerabilities
by
in SecurityNewsGoogle Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and Exposures (CVEs) for critical vulnerabilities found in its cloud services. This move, which underscores Google’s dedication to helping enterprises and government agencies protect against potential security threats, is set to enhance…
-
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails
by
in SecurityNewsA newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It was…
-
Right-Click to Hack: Zero-Day CVE-2024-43451 Vulnerability Targets Windows Users
by
in SecurityNewsClearSky Cyber Security has uncovered a new zero-day vulnerability, CVE-2024-43451, actively exploited in the wild, targeting Windows systems primarily in Ukraine. This flaw enables attackers to exploit URL files for... First seen on securityonline.info Jump to article: securityonline.info/right-click-to-hack-zero-day-cve-2024-43451-vulnerability-targets-windows-users/
-
Google Cloud to Assign CVEs to Critical Vulnerabilities
by
in SecurityNewsGoogle Cloud will be assigning CVE identifiers to serious cloud vulnerabilities, even ones that don’t require patching. The post Google Cloud to Assign CVEs to Critical Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-cloud-to-assign-cves-to-critical-vulnerabilities/
-
Zero-days from top security vendors were most exploited CVEs in 2023
by
in SecurityNewsThe top five vulnerabilities exploited by attackers last were found in security gear from Citrix, Cisco and Fortinet, the Five Eyes’ cyber agencies found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/security-vendors-zero-days-top-cve-exploits/732814/
-
Zoom addressed two high-severity issues in its platform
by
in SecurityNewsZoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Zoom addressed six vulnerabilities in its video conferencing and communication platform. Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information.…
-
Internet-Explorer-Schwachstelle kann zu einem totalen Verlust der Vertraulichkeit führen
by
in SecurityNews‘CVE-2024-43451 nutzt die Überreste der MSHTML-Komponente von Internet-Explorer über die Web-Browser-Steuerung aus. Diese Schwachstelle ermöglicht es Angreifern, den NTLMv2-Hash eines Benutzers mit minimaler Interaktion zu erfassen, z. B. durch einen einzigen Klick oder einen Rechtsklick auf eine bösartige Datei. Der Besitz dieses Hashes ermöglicht es Angreifern, sich als Benutzer zu authentifizieren, was zu unbefugtem Zugriff…
-
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which CVE-2024-43451 and CVE-2024-49039 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/12/cve-2024-43451-cve-2024-49039/
-
Critical Veeam CVE targeted by new ransomware variant
by
in SecurityNewsMultiple ransomware variants are now targeting the CVE, which has a CVSS of 9.8. For customers, the risk of exploitation is only increasing. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/veeam-cve-exploit-frag-ransomware/732670/
-
HPE Issues Urgent Patches for Critical Vulnerabilities in Aruba Networking Access Points
by
in SecurityNewsHewlett Packard Enterprise (HPE) has issued critical security patches to address several vulnerabilities affecting its Aruba Networking Access Point products. These vulnerabilities (CVE-2024-42509 and CVE-2024-47460), including two particularly severe flaws, could allow unauthenticated attackers to execute arbitrary commands remotely, potentially compromising the security of affected systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hpe-security-patches-cve-2024-42509/
-
CVE-2024-42028 gefährdet selbst gehostete Server – Kritische Sicherheitslücke in Ubiquiti Unifi Network Server
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecke-unifi-network-application-a-7a7c66c7a2f604b2024e59a1efe28507/