NHS Digital hints at exploit sightings of Arcserve UDP vulnerabilities

May 14, 2024 at 05:36AM The UK’s NHS warns that vulnerabilities in Arcserve Unified Data Protection software are likely being actively exploited. Despite not disclosing any specific data, NHS strongly encourages organizations to apply patches as outlined in Arcserve’s advisory. Critical vulnerabilities include authentication bypass and path traversal, posing risks of data theft, ransomware attacks, … Read more

New BIG-IP Next Central Manager bugs allow device takeover

May 8, 2024 at 03:55PM F5 has addressed two critical vulnerabilities in BIG-IP Next Central Manager, allowing attackers to gain admin control and create hidden rogue accounts. Exploiting SQL and OData injection flaws, unauthenticated attackers could execute malicious code remotely. Despite a temporary mitigation, F5 urges immediate patching or access restriction. There’s currently no evidence … Read more

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

April 20, 2024 at 01:57AM Users of CrushFTP are urged to update to version 11.1 following the discovery of a security flaw that has been exploited. Customers in a DMZ restricted environment are protected. The vulnerability, discovered by Simon Garrelou, allows users to download system files. CrowdStrike observed targeted exploits in the wild, mainly on … Read more

Exploit code for Palo Alto Networks zero-day now public

April 17, 2024 at 09:40AM Researchers have released proof-of-concept (PoC) exploits for a critical vulnerability in Palo Alto Networks’ PAN-OS used in GlobalProtect gateways. The PoCs were issued shortly after the vendor began releasing hotfixes. Exploits can lead to remote code execution and may affect a large number of organizations. Patching is strongly recommended. Key … Read more

CISA tags Microsoft SharePoint RCE bug as actively exploited

March 27, 2024 at 12:30PM CISA warns of attackers exploiting a Microsoft SharePoint vulnerability, enabling remote code execution and admin privilege takeover. Nguyễn Tiến Giang earned $100,000 for demonstrating its exploitation. Multiple proof-of-concept exploits have emerged, prompting CISA to order patching by January 31. This poses a significant risk, emphasizing the need for quick patching … Read more

Patch Now: Critical Fortinet RCE Bug Under Active Attack

March 26, 2024 at 11:15AM A recent proof-of-concept exploit has led to attacks on a critical vulnerability, prompting CISA to prioritize urgent patching. The urgent action required is to prioritize patching the identified vulnerability because of the exploitation and subsequent attacks. CISA has flagged it as a critical issue … Read more

PoC Published for Critical Fortra Code Execution Vulnerability

March 18, 2024 at 06:45AM The PoC code is available for a critical vulnerability (CVE-2024-25153, CVSS score 9.8) in Fortra FileCatalyst Workflow. Attackers can execute arbitrary code through a directory traversal bug in the ‘ftpservlet’ component, potentially leading to web shell execution. SOCRadar warns of threat actor exploitation and advises prompt system updates. Additional details … Read more

Meta Patches Facebook Account Takeover Vulnerability

February 29, 2024 at 09:27AM Meta recently patched a critical vulnerability affecting the Facebook password reset process, as reported by cybersecurity researcher Samip Aryal. The flaw allowed an attacker to exploit a two-hour window to brute-force a unique six-digit code and gain control of an account. Meta’s bug bounty program recognized Aryal’s contribution, but the … Read more

Authorities Claim LockBit Admin “LockBitSupp” Has Engaged with Law Enforcement

February 25, 2024 at 04:27AM LockBit ransomware’s exposure and response to law enforcement have prompted suspicion and distrust among affiliates. Despite attempts to maintain anonymity, it was revealed that LockBit’s leadership engaged with authorities. Their operations have been disrupted, with 14,000 rogue accounts closed. The group’s multi-year illicit profits exceed $120 million, with a significant … Read more

ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation

February 21, 2024 at 12:15PM ConnectWise responded to reports of hackers exploiting vulnerabilities in its ScreenConnect product. The company confirmed compromised accounts and emphasized the urgent need for businesses to upgrade to version 23.9.8 to prevent remote code execution. Security firms also highlighted the seriousness of the situation, prompting ConnectWise to urgently advise customers to … Read more