Check Point VPN Targeted for Initial Access in Enterprise Attacks

May 28, 2024 at 05:33AM Check Point advises customers to review VPN configurations to prevent abuse by threat actors, citing attempts to gain access through old VPN local accounts with password-only authentication. The company recommends using additional authentication measures, deploying products on security gateways, and disabling unnecessary local accounts. It also provides a script and …

Microsoft releases Exchange hotfixes for security update issues

April 23, 2024 at 03:58PM Microsoft released hotfix updates to address known issues affecting Exchange servers after installing the March 2024 security updates. The optional April 2024 HU adds support for ECC certificates and Hybrid Modern Authentication (HMA) for OWA/ECP. Redmond fixed issues in Outlook on the Web (OWA) and Microsoft Word document previews. Both …

Palo Alto Networks fixes zero-day exploited to backdoor firewalls

April 15, 2024 at 09:04AM Palo Alto Networks is addressing a zero-day vulnerability that has been exploited since March 26th to backdoor PAN-OS firewalls. The flaw affects certain firewalls and can be exploited remotely to gain root code execution. Hotfixes have been released, and additional security measures are available. The active exploitation has been confirmed …

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

April 15, 2024 at 06:54AM Palo Alto Networks has released hotfixes for a zero-day vulnerability (CVE-2024-3400) targeted by state-sponsored actors. Vulnerable firewalls allow remote attackers to execute code with root privileges. Initial mitigations were issued, and more hotfixes are expected. Exploited devices facilitated data exfiltration and deployment of a new Python backdoor. Links to BianLian/Lazarus …

Sophos Patches EOL Firewalls Against Exploited Vulnerability

December 13, 2023 at 05:42AM UK-based cybersecurity firm Sophos announced patches for a critical code injection vulnerability in Firewall versions 19.0 MR1 and older, giving attackers the ability to execute remote code. The company also warned of a new exploit and urged organizations to update to supported versions to mitigate the risk. Additionally, patches have …

Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw

November 15, 2023 at 02:32PM Citrix has released hotfixes for two vulnerabilities affecting Citrix Hypervisor. One of the vulnerabilities, known as “Reptar,” affects Intel CPUs and can lead to system instability, crashes, or privilege escalation. The other vulnerability allows malicious code in a guest virtual machine to compromise an AMD-based host. Instructions on applying the …