September 27, 2024 at 08:02AM Progress Software recently identified and warned customers about six vulnerabilities in WhatsUp Gold, urging them to upgrade to version 24.0.1 to address these issues. The vulnerabilities, including SQL injection and remote code execution flaws, were reported by various security researchers and have been exploited by attackers. Progress has released patches … Read more
August 30, 2024 at 04:42AM Progress Software’s network monitoring solution WhatsUp Gold has critical vulnerabilities (CVE-2024-4885) allowing remote attackers to execute arbitrary code, posing a significant risk. While version 23.1.3 addressed the issue, upgrading to version 24.0.0 is encouraged, though the manual process may deter some administrators. Administrators are advised to upgrade promptly to mitigate … Read more
August 7, 2024 at 11:35AM Threat actors are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2024-4885, in Progress WhatsUp Gold 23.1.2 and older versions. Proof-of-concept (PoC) exploits are available, and the attacks started on August 1, 2024, from six distinct IP addresses. Users are urged to upgrade to version 23.1.3 or implement firewall … Read more
May 14, 2024 at 08:30AM Cacti network monitoring framework has addressed a dozen security flaws, including critical vulnerabilities like arbitrary code execution via file write and command injection. These flaws impact all versions prior to 1.2.26 and have been fixed in version 1.2.27. Users are advised to update to the latest version promptly to mitigate … Read more
May 1, 2024 at 09:27AM Cuttlefish, a new malware, targets enterprise and SOHO routers, creating proxy/VPN tunnels to steal data and authentication information. It can perform DNS/HTTP hijacking, targeting services such as Alicloud, AWS, and BitBucket. Black Lotus Labs found its active campaign in Turkey and recommends strengthening security measures and monitoring for unusual logins. … Read more
April 25, 2024 at 07:40AM This text outlines a network attack simulation, highlighting the use of common tools and the necessity for multiple choke points in defense. The simulation includes 6 steps from Initial Access to Data Exfiltration and emphasizes the benefits of testing detections, demonstrating the need for network monitoring, and implementing a holistic … Read more
April 4, 2024 at 08:30AM Progress Software has released patches for a critical vulnerability in its widely used network monitoring and security solution, Flowmon, which could allow remote, unauthenticated attackers to gain access to systems. Tracked as CVE-2024-2389 with the highest severity rating, the bug was fixed in versions 11.1.14 and 12.3.5. Users should update … Read more
March 21, 2024 at 08:31AM The text discusses the importance of automated network monitoring, covering network device monitoring and network traffic analysis. It lists six best network monitoring tools, emphasizing their key features, the type of organizations they are recommended for, and potential advantages and limitations. If you need further information about any particular tool … Read more
March 5, 2024 at 07:06AM A recent US CISA advisory disclosed critical and high-severity vulnerabilities in the Zeek network security monitoring tool’s Ethercat plugin, impacting ICS environments. The vulnerabilities, tracked as CVE-2023-7244, CVE-2023-7243, and CVE-2023-7242, could allow threat actors to execute attacks. The researcher, Cameron Whitehead, identified these vulnerabilities, impacting over 10,000 Zeek deployments globally. … Read more
February 21, 2024 at 10:45AM Live Webinar: Join SecurityWeek and Lacework on Thursday, February 22nd at 1PM ET to learn about active threats targeting cloud deployments and practical strategies to mitigate them. Gain insights into AI and ML in threat detection, user behavior analytics, and continuous monitoring of network traffic and user activities. Key Takeaways … Read more