May 29, 2024 at 03:45PM Threat actors are exploiting a high-severity zero-day vulnerability in Check Point Remote Access VPN, stealing Active Directory data to move through victims’ networks. Check Point warns customers of attackers targeting their security gateways using old VPN local accounts with insecure password-only authentication. The company has released hotfixes to block exploitation … Read more
April 20, 2024 at 01:57AM Palo Alto Networks has disclosed a critical security flaw, CVE-2024-3400, in PAN-OS being actively exploited by threat actors. The flaw allows unauthenticated remote shell command execution via a two-stage attack. The company has expanded patches to cover affected software versions and recommends applying hotfixes to mitigate potential threats. CISA has … Read more
November 6, 2023 at 04:59PM Veeam has released hotfixes to address four vulnerabilities in its Veeam ONE IT infrastructure monitoring and analytics platform. Two of the vulnerabilities are critical and allow attackers to gain remote code execution and steal NTLM hashes. The remaining two are medium-severity bugs. The company has provided hotfixes for actively supported … Read more