Tag: zero-day
-
Ransomware Hackers Exploiting Cleo Software Zero-Day
in SecurityNews
Tags: attack, communications, exploit, flaw, hacker, ransomware, software, update, vulnerability, zero-day
Attackers Target Managed File Transfer Software Vulnerabilities. File transfer software made by Cleo Communications is under active attack and a patch meant to stymie hackers doesn’t fix the flaw, say security researchers from Huntress. Hackers exploit an arbitrary file-write vulnerability along with a feature that automatically executes files. First seen on govinfosecurity.com Jump to article:…
-
December Patch Tuesday shuts down Windows zero-day
in SecurityNews
Microsoft addresses 72 vulnerabilities, including 17 rated critical. Administrators should focus on patching the Windows OS to stop a flaw that has been exploited in the wild. First seen on techtarget.com Jump to article: www.techtarget.com/searchwindowsserver/news/366617192/December-Patch-Tuesday-shuts-down-Windows-zero-day
-
US sanctions Chinese cybersecurity firm over global malware campaign
in SecurityNews
Tags: attack, breach, china, computer, control, corporate, credentials, cve, cyber, cyberattack, cybersecurity, email, encryption, exploit, finance, firewall, fraud, government, group, healthcare, identity, infection, infrastructure, intelligence, international, malicious, malware, monitoring, network, office, password, ransomware, risk, service, software, sophos, technology, terrorism, threat, tool, vulnerability, zero-day
The US government has imposed sanctions on Chinese cybersecurity firm Sichuan Silence Information Technology and one of its employees, Guan Tianfeng, for their alleged involvement in a 2020 global cyberattack that exploited zero-day vulnerabilities in firewalls. The actions were announced by the US Department of the Treasury and the Department of Justice (DOJ), which also…
-
Attackers exploit zero-day RCE flaw in Cleo managed file transfer
in SecurityNews
Tags: advisory, attack, cve, edr, exploit, firewall, flaw, group, Internet, malicious, mitigation, moveIT, powershell, ransomware, rce, remote-code-execution, software, tool, update, vulnerability, vulnerability-management, windows, zero-day
Security researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications. The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…
-
Microsoft Security Update Summary (December 10, 2024)
in SecurityNews
On December 10, 2024, Microsoft released security updates for Windows clients and servers, for Office, and for other products. The security updates fix 70 vulnerabilities (CVEs), of which 16 are critical and one is classified as a 0-day (already exploited). Below is … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/10/microsoft-security-update-summary-10-dezember-2024/
-
Microsoft December 2024 Patch Tuesday addressed actively exploited zero-day
in SecurityNews
Microsoft December 2024 Patch Tuesday security updates addressed 71 vulnerabilities including an actively exploited zero-day. Microsoft December 2024 Patch Tuesday security updates addressed 71 vulnerabilities in Windows and Windows Components, Office and Office Components, SharePoint Server, Hyper-V, Defender for Endpoint, and System Center Operations Manager. 16 vulnerabilities are rated Critical, 54 are rated Important, and…
-
‘Termite’ Ransomware Likely Behind Cleo Zero-Day Attacks
in SecurityNews
The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/termite-ransomware-behind-cleo-zero-day-attacks
-
Microsoft fixes exploited zero-day (CVE-2024-49138)
in SecurityNews
On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/10/december-2024-patch-tuesday-microsoft-zero-day-cve-2024-49138/
-
Microsoft Patch Tuesday December 2024, 71 Vulnerabilities Fixed Including 1 Zero-day
in SecurityNews
In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical vulnerabilities and 1 zero-day. This December update marks a crucial milestone in Microsoft’s ongoing efforts to enhance the security of its products and protect users from potential cyber threats. Critical Zero-Day Vulnerability…
-
Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day
Patch Tuesday: Redmond patches 71 security flaws and calls immediate attention to an exploited Windows zero-day reported by CrowdStrike. The post Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-ships-urgent-patch-for-exploited-windows-clfs-zero-day/
-
US Indicts, Sanctions Alleged Chinese Sophos Firewall Hacker
in SecurityNews
Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG Firewall. The U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect’s…
-
US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure
in SecurityNews
Tags: china, cybersecurity, exploit, firewall, hacking, infrastructure, sophos, vulnerability, zero-day
The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerability to compromise approximately 81,000 firewalls in April 2020. The hacking campaign, detailed by Sophos…
-
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws
Today is Microsoft’s December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-december-2024-patch-tuesday-fixes-1-exploited-zero-day-71-flaws/
-
Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack
in SecurityNews
The department’s Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-sanctions-chinese-cyber-company-2020-firewall-attack/
-
New Cleo zero-day RCE flaw exploited in data theft attacks
in SecurityNews
Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cleo-zero-day-rce-flaw-exploited-in-data-theft-attacks/
-
Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack
in SecurityNews
Thousands of servers targeted while customers wait for patches. First seen on theregister.com Jump to article: www.theregister.com/2024/12/10/cleo_vulnerability/
-
Microsoft NTLM Zero-Day to Remain Unpatched Until April
in SecurityNews
Tags: attack, credentials, cyberattack, microsoft, mitigation, ntlm, update, vulnerability, windows, zero-day
The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-ntlm-zero-day-remain-unpatched-april
-
Free micropatches: zero-day vulnerability endangers millions of Windows devices
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminalitaet-schwachstelle-alle-windows-versionen-a-c7118a7d17e56154a71501d74663ba15/
-
EDR software: a buyer's guide
in SecurityNews
Tags: ai, android, api, backup, browser, chrome, cloud, computing, crowdstrike, cyberattack, detection, edr, endpoint, firewall, identity, incident response, intelligence, iot, kubernetes, linux, macOS, mail, malware, microsoft, network, ransomware, risk, siem, soar, software, sophos, threat, tool, windows, zero-day
-
Bug bounty programs: Why companies need them now more than ever
in SecurityNews
Tags: attack, best-practice, bug-bounty, business, crypto, cyber, cybercrime, cybersecurity, defense, exploit, finance, guide, hacker, hacking, jobs, malicious, ransom, strategy, threat, tool, update, vulnerability, zero-day
In the fast-evolving landscape of cybersecurity, the need for proactive measures has become more pressing than ever. When I first entered the cybersecurity field, the primary threats were largely opportunistic hackers exploiting known vulnerabilities and multi-million-dollar ransoms were unheard of. Today, the stakes are significantly higher. According to Cybersecurity Ventures, cybercrime is expected to cost the…
-
Critical Windows Zero-Day Alert: No Patch Available Yet for Users
in SecurityNews
Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day…. First seen on hackread.com Jump to article: hackread.com/windows-zero-day-alert-no-patch-available-for-users/
-
Intrusions targeting I-O Data router zero-days underway
in SecurityNews
First seen on scworld.com Jump to article: www.scworld.com/brief/intrusions-targeting-i-o-data-router-zero-days-underway
-
Zero-day exploits underscore rising risks for internet-facing interfaces
in SecurityNews
Recent reports confirm the active exploitation of a critical zero-day vulnerability targeting Palo Alto Networks’ Next-Generation Firewalls (NGFW) management interfaces. While Palo Alto’s swift advisories and mitigation guidance offer a starting point for remediation, the broader implications of such vulnerabilities… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/zero-day-exploits-underscore-rising-risks-for-internet-facing-interfaces/
-
0patch helps: zero-day flaw discovered in all common Windows versions
in SecurityNews
Windows 7 through 11 and Windows Server 2008 through 2022 are affected. Attackers can capture NTLM hashes. A patch exists, but not from Microsoft. First seen on golem.de Jump to article: www.golem.de/news/0patch-hilft-zero-day-luecke-in-allen-gaengigen-windows-versionen-entdeckt-2412-191505.html
-
New Windows zero-day exposes NTLM credentials, gets unofficial patch
in SecurityNews
A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/
-
0patch for 0-day URL File NTLM Hash Disclosure vulnerability
in SecurityNews
ACROS Security has come across a vulnerability in Windows, not yet closed by an update, that allows NTLM hash values to be disclosed via URL. ACROS Security has released a 0patch micropatch to fix this vulnerability. Until an update is provided … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/06/windows-0patch-fuer-0-day-url-file-ntlm-hash-disclosure-schwachstelle/
-
Rockwell Automation Warns of Multiple Code Execution Vulnerabilities in Arena
in SecurityNews
Tags: advisory, automation, cyber, exploit, remote-code-execution, software, vulnerability, zero-day
Rockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the Zero Day Initiative (ZDI), expose systems to potential exploitation by adversaries looking to execute arbitrary code. With the release of updated software versions, Rockwell Automation has taken corrective action and…
-
PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files
in SecurityNews
Still unpatched 100+ days later, watchTowr says. First seen on theregister.com Jump to article: www.theregister.com/2024/12/06/mitel_micollab_0day/
-
Windows NTLM Zero-Day Vulnerability Exposes User Credentials
in SecurityNews
A critical zero-day vulnerability affecting all modern Windows Workstation and Server versions has been discovered. The flaw enables attackers to steal NTLM credentials with minimal user interaction, posing a significant security risk. It impacts systems from Windows 7 and Server 2008 R2 to the latest Windows 11 (v24H2) and Server 2022. The vulnerability allows attackers…
-
Why Zero-Day Attacks Bypass Traditional Firewall Security: Defending Against Zero-Day’s like Palo Alto Networks CVE-2024-0012
in SecurityNews
Recently, Palo Alto Networks identified and patched a critical zero-day vulnerability in their next-generation firewalls (NGFWs). This vulnerability, tracked as CVE-2024-0012, allowed attackers to execute code on vulnerable devices remotely. This vulnerability has been actively exploited in attacks dubbed “Operation Lunar Peek.” First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/why-zero-day-attacks-bypass-traditional-firewall-security-defending-against-zero-days-like-palo-alto-networks-cve-2024-0012/