Critical Vulnerability Found in Zabbix Network Monitoring Tool

December 2, 2024 at 07:25AM Zabbix has announced a critical vulnerability (CVE-2024-42327) in its monitoring solution, allowing SQL injection attacks through API access for non-admin users. Affected versions include 6.0.0 to 6.0.31, 6.4.0 to 6.4.16, and 7.0.0. Patches are available in recent releases. Users are urged to update promptly. …

Incident Response, Anomaly Detection Rank High on Planned ICS Security Spending

November 12, 2024 at 07:05AM The SANS State of ICS/OT Cybersecurity 2024 report reveals insights from 530 professionals on current and planned technologies in critical infrastructure. Key current technologies include access controls and backup tools, while future focus areas include ICS-specific training and metrics. Increasing investment in less-deployed technologies like SBOM and SOAR is noted. …

Progress urges admins to patch critical WhatsUp Gold bugs ASAP

September 27, 2024 at 08:02AM Progress Software recently identified and warned customers about six vulnerabilities in WhatsUp Gold, urging them to upgrade to version 24.0.1 to address these issues. The vulnerabilities, including SQL injection and remote code execution flaws, were reported by various security researchers and have been exploited by attackers. Progress has released patches …

Critical Flaws in Progress Software WhatsUp Gold Expose Systems to Full Compromise

August 30, 2024 at 04:42AM Progress Software’s network monitoring solution WhatsUp Gold has critical vulnerabilities (CVE-2024-4885) allowing remote attackers to execute arbitrary code, posing a significant risk. While version 23.1.3 addressed the issue, upgrading to version 24.0.0 is encouraged, though the manual process may deter some administrators. Administrators are advised to upgrade promptly to mitigate …

Critical Progress WhatsUp RCE flaw now under active exploitation

August 7, 2024 at 11:35AM Threat actors are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2024-4885, in Progress WhatsUp Gold 23.1.2 and older versions. Proof-of-concept (PoC) exploits are available, and the attacks started on August 1, 2024, from six distinct IP addresses. Users are urged to upgrade to version 23.1.3 or implement firewall …

Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code

May 14, 2024 at 08:30AM Cacti network monitoring framework has addressed a dozen security flaws, including critical vulnerabilities like arbitrary code execution via file write and command injection. These flaws impact all versions prior to 1.2.26 and have been fixed in version 1.2.27. Users are advised to update to the latest version promptly to mitigate …

New Cuttlefish malware infects routers to monitor traffic for credentials

May 1, 2024 at 09:27AM Cuttlefish, a new malware, targets enterprise and SOHO routers, creating proxy/VPN tunnels to steal data and authentication information. It can perform DNS/HTTP hijacking, targeting services such as Alicloud, AWS, and BitBucket. Black Lotus Labs found its active campaign in Turkey and recommends strengthening security measures and monitoring for unusual logins. …

Network Threats: A Step-by-Step Attack Demonstration

April 25, 2024 at 07:40AM This text outlines a network attack simulation, highlighting the use of common tools and the necessity for multiple choke points in defense. The simulation includes 6 steps from Initial Access to Data Exfiltration and emphasizes the benefits of testing detections, demonstrating the need for network monitoring, and implementing a holistic …

Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems

April 4, 2024 at 08:30AM Progress Software has released patches for a critical vulnerability in its widely used network monitoring and security solution, Flowmon, which could allow remote, unauthenticated attackers to gain access to systems. Tracked as CVE-2024-2389 with the highest severity rating, the bug was fixed in versions 11.1.14 and 12.3.5. Users should update …

The best network monitoring tools

March 21, 2024 at 08:31AM The text discusses the importance of automated network monitoring, covering network device monitoring and network traffic analysis. It lists six best network monitoring tools, emphasizing their key features, the type of organizations they are recommended for, and potential advantages and limitations. If you need further information about any particular tool …