January 16, 2024 at 10:23AM AI solutions are gaining traction in business, with 33% of organizations using generative AI. By 2026, over 80% are projected to have their own AI models. However, AI is being exploited for cybercrimes, including enhancing social engineering, spreading malware, and increasing malware stealth. Organizations need robust cybersecurity measures to combat … Read more
January 16, 2024 at 10:09AM Ransomware poses a significant challenge for businesses, with debates on the best response. While a US-led coalition to reject ransom payments is symbolic, it ignores practical aspects and lacks a preemptive approach. For some companies, paying ransoms may be the most efficient way to minimize damage. However, the real solution … Read more
January 16, 2024 at 10:04AM Ivanti Connect Secure (ICS) VPN users are at risk if they have not applied recent vulnerability mitigation. Over 1,700 devices have been compromised due to successful exploits. The attacks have targeted a wide range of organizations globally. Users are advised to run Ivanti’s Integrity Checker Tool to detect compromises and … Read more
January 16, 2024 at 09:39AM Over 178,000 SonicWall firewalls are susceptible to two security vulnerabilities. These flaws could lead to denial-of-service conditions and remote code execution. While there’s no evidence of exploits, a proof-of-concept for one vulnerability has been released. The cybersecurity firm warns that bad actors could use these flaws to trigger repeated crashes … Read more
January 16, 2024 at 09:12AM Quarkslab discovered multiple critical vulnerabilities in the EDK II network stack, posing a risk of remote code execution attacks. These vulnerabilities, known as PixieFAIL, affect the PXE implementation and are utilized by various vendors, including Microsoft. Quarkslab released proof-of-concept code for the vulnerabilities and anticipates the CERT Coordination Center to … Read more
January 16, 2024 at 09:12AM Vulnerability in Opera browser feature My Flow allowed remote code execution. Guardio Labs found old, vulnerable landing pages and created a proof-of-concept to execute malicious code. The issue was resolved in November 2023. Opera confirmed the vulnerability and deployed a fix. No evidence of in-the-wild exploitation was found. Opera is … Read more
January 16, 2024 at 09:12AM Report: Many SonicWall next-generation firewall devices are unpatched for critical vulnerabilities CVE-2022-22274 and CVE-2023-0656, with potential for DoS and RCE attacks. Over 178,000 vulnerable devices found, and new PoC exploits developed. Recommendations include applying patches immediately due to known exploitation in malicious attacks. Key Takeaways from Meeting Notes: – Cybersecurity … Read more
January 16, 2024 at 09:12AM VMware has urged customers to patch a critical vulnerability (CVE-2023-34063, CVSS score of 9.9) affecting Aria Automation and Cloud Foundation. The missing access control flaw could allow unauthorized access to remote organizations and workflows. VMware has released patches for impacted versions and credited external researchers for discovering the vulnerability. Threat … Read more
January 16, 2024 at 08:33AM The Remcos RAT, disguised as adult-themed games, is being distributed in South Korea through webhards. This sophisticated remote access trojan allows threat actors to unauthorizedly control and surveil compromised hosts, exfiltrating sensitive information. Originally marketed as a remote administration tool, it has evolved into a potent weapon for infiltrating systems … Read more
January 16, 2024 at 08:21AM Security researchers have uncovered vulnerabilities in over 178,000 SonicWall next-generation firewalls (NGFW) with exposed management interfaces online, potentially leading to denial-of-service (DoS) and remote code execution (RCE) attacks. These vulnerabilities could impact a significant number of SonicWall devices and may pose a serious threat to corporate networks, emphasizing the need … Read more