Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised

September 16, 2024 at 05:20PM Ivanti alerted customers about the active exploitation of a high-severity vulnerability (CVE-2024-8190) in its Cloud Service Appliance (CSA). The company recommended upgrading to CSA 5.0 to remediate the bug, which has a CVSS score of 7.2, and warned that unauthorized access is possible. Users are urged to update to the latest version …

Ronin Network hacked, $12 million returned by “white hat” hackers

August 7, 2024 at 07:11PM Ronin Network’s blockchain experienced a security breach as white hat hackers exploited an undocumented vulnerability, withdrawing $12 million in assets. They promptly notified Ronin about the breach, and the bridge was halted for verification. A post-mortem revealed a flaw in a recent bridge update, prompting Ronin to develop a new …

Docker fixes critical 5-year-old authentication bypass flaw

July 24, 2024 at 03:05PM Docker has issued security updates to address a critical vulnerability in certain versions of Docker Engine, which could allow attackers to bypass authorization plugins under specific conditions. The flaw, identified as CVE-2024-41110, affects several versions of Docker Engine, and patched versions up to v27.1.0 are advised for impacted users. Additionally, …

Cybercrooks crafting solo careers in wake of ransomware takedowns

July 22, 2024 at 12:42PM A recent Europol report highlights the fragmentation of the ransomware threat landscape following the disruption of RaaS groups. This has led to challenges in attribution and increased independence among cybercriminals. Affiliates are now developing their own payloads, while the focus has shifted to targeting small and medium-sized businesses. The report …

CrowdStrike Says Logic Error Caused Windows BSOD Chaos

July 20, 2024 at 01:06AM CrowdStrike’s routine sensor update on July 19, 2024 triggered a logic error, causing critical Windows systems to crash globally. The issue was not caused by a cyberattack and affected only Windows systems with the Falcon sensor. The US cybersecurity agency CISA is collaborating with partners to assess impacts and support remediation efforts. …

SolarWinds Patches Critical Vulnerabilities in Access Rights Manager

July 19, 2024 at 07:01AM SolarWinds released security updates for Access Rights Manager, resolving 13 vulnerabilities, including eight critical-severity bugs. Six critical flaws could be exploited for remote code execution, while the remaining two could allow attackers to read and delete arbitrary files. Five high-severity issues were also addressed, impacting domain admin access and arbitrary …

PTC License Server Bug Needs Immediate Patch Against Critical Flaw

July 2, 2024 at 02:54PM CISA and PTC reported a critical flaw in an industrial computer-aided design software server (CVE-2024-6071), exposing systems to unauthorized remote access. A patch has been issued for affected Creo Elements/Direct License Servers, and immediate updating is urged. PTC stated no evidence of exploitation in the wild and emphasized no impact on the …

Microsoft deprecates Windows DirectAccess, recommends Always On VPN

June 12, 2024 at 11:08AM Microsoft has deprecated its DirectAccess remote access solution and recommends that companies transition to ‘Always On VPN’ for increased security and ongoing support. Always On VPN, introduced as a successor to DirectAccess, supports modern VPN protocols and is more flexible, requiring users to plan and execute a migration to avoid …

PHP fixes critical RCE flaw impacting all versions for Windows

June 7, 2024 at 10:39AM A new PHP RCE vulnerability, CVE-2024-4577, impacts Windows PHP versions since 5.x. Although a patch has been released, updating large-scale deployments poses challenges, leaving systems vulnerable. The flaw exploits ‘Best-Fit’ encoding on Windows to bypass prior protections. Mitigations include upgrading to patched versions, applying mod_rewrite rules, or migrating from CGI to FastCGI, PHP-FPM, or …

Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover

May 9, 2024 at 02:19AM Two security vulnerabilities in F5 Next Central Manager could allow threat actors to gain control of devices and create hidden administrator accounts. The flaws, CVE-2024-21793 and CVE-2024-26026, impact versions 20.0.1 to 20.1.0 and have been addressed in version 20.2.0. Exploitation could lead to full control of the device and the …