Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands

November 11, 2024 at 07:02AM
Veeam has issued a hotfix for a critical authentication bypass vulnerability in Backup Enterprise Manager, addressing an expanding exploitation of the previous flaw. This update aims to enhance security and protect users from potential risks associated with the vulnerability. Meeting Notes Summary: Topic: Veeam Hotfix Release; Issue: …

Patch Now: Second SolarWinds Critical Bug in Web Help Desk

August 23, 2024 at 03:00PM
SolarWinds has released a patch for a second critical vulnerability in its Web Help Desk software, addressing hardcoded credentials that could allow remote attackers to modify data. The patch also addresses a previous Java deserialization issue. Customers are urged to update immediately to mitigate potential exploitation by threat actors. Based …

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw

August 23, 2024 at 04:09AM
SolarWinds released a second hotfix for an exploited Web Help Desk vulnerability, removing hardcoded credentials and fixing an SSO issue. The CVE-2024-28987 vulnerability with a CVSS score of 9.1 could allow remote users to access internal functionality. CISA quickly added the bug to its Known Exploited Vulnerabilities catalog, urging immediate …

SolarWinds fixes hardcoded credentials flaw in Web Help Desk

August 22, 2024 at 11:07AM
SolarWinds has issued a hotfix addressing a critical Web Help Desk vulnerability. This vulnerability could enable unauthorized access to unpatched systems by exploiting hardcoded credentials. Based on the meeting notes, it’s important to highlight that SolarWinds has released a hotfix to address a critical vulnerability in the Web Help Desk. …

CISA warns critical SolarWinds RCE bug is exploited in attacks

August 16, 2024 at 12:40PM
CISA warns that attackers are exploiting a critical vulnerability in SolarWinds’ Web Help Desk (WHD) software that allows remote code execution. SolarWinds issued a hotfix and advised administrators to apply it, while also recognizing an issue for SAML Single Sign-On users. CISA requires federal agencies to patch WHD servers by September 5. SolarWinds …

SolarWinds Issues Hotfix for Critical Web Help Desk Vulnerability

August 15, 2024 at 09:21AM
SolarWinds has released a hotfix for a critical-severity vulnerability in Web Help Desk that allows remote attackers to execute arbitrary code. CVE-2024-28986 affects versions 12.4 to 12.8, requiring the installation of version 12.8.3.1813. SolarWinds advises customers to upgrade, download the hotfix, and apply it, providing detailed installation instructions in their …

Check Point VPN Targeted for Initial Access in Enterprise Attacks

May 28, 2024 at 05:33AM
Check Point advises customers to review VPN configurations to prevent abuse by threat actors, citing attempts to gain access through old VPN local accounts with password-only authentication. The company recommends using additional authentication measures, deploying products on security gateways, and disabling unnecessary local accounts. It also provides a script and …

Microsoft releases Exchange hotfixes for security update issues

April 23, 2024 at 03:58PM
Microsoft released hotfix updates to address known issues affecting Exchange servers after installation of the March 2024 security updates. The optional April 2024 HU adds support for ECC certificates and Hybrid Modern Authentication (HMA) for OWA/ECP. Redmond fixed issues in Outlook on the Web (OWA) and Microsoft Word document previews. Both …

Palo Alto Networks fixes zero-day exploited to backdoor firewalls

April 15, 2024 at 09:04AM
Palo Alto Networks is addressing a zero-day vulnerability that has been exploited since March 26th to backdoor PAN-OS firewalls. The flaw affects certain firewalls and can be exploited remotely to gain root code execution. Hotfixes have been released, and additional security measures are available. The active exploitation has been confirmed …

Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge

April 15, 2024 at 06:54AM
Palo Alto Networks has released hotfixes for a zero-day vulnerability (CVE-2024-3400) targeted by state-sponsored actors. Vulnerable firewalls allow remote attackers to execute code with root privileges. Initial mitigations were issued, and more hotfixes are expected. Exploited devices facilitated data exfiltration and deployment of a new Python backdoor. Links to BianLian/Lazarus …