October 11, 2024 at 11:13PM A joint advisory from US and UK agencies warns of a massive Russian hacking campaign exploiting known vulnerabilities, led by APT29. Organizations are urged to prioritize patching systems and improve cyber defenses. Additionally, phone phishing scams are on the rise, and GitLab users need to patch critical vulnerabilities urgently. Here … Read more
September 20, 2024 at 04:36AM Ivanti announced the exploitation of two vulnerabilities in its Cloud Services Appliance (CSA): CVE-2024-8190 and CVE-2024-8963. The flaws allow unauthorized access and arbitrary command execution on devices. CSA 4.6 Patch 519 and CSA 5.0 address the vulnerabilities, with the latter recommended due to the end of life for 4.6. CISA … Read more
September 19, 2024 at 02:45PM Ivanti warns of ongoing exploitation of a Cloud Services Appliance (CSA) vulnerability, CVE-2024-8963, allowing remote attackers to access restricted functions. Attackers also exploit CVE-2024-8190 to bypass admin authentication and execute arbitrary commands. Ivanti advises immediate patching and emphasizes the end-of-life status of Ivanti CSA 4.6. Federal agencies are mandated to … Read more
June 26, 2024 at 09:35AM Progress Software revealed new vulnerabilities affecting MOVEit Transfer and Gateway, including critical authentication bypass-style flaws with a severity score of 9.1. Last year’s breaches affected 2,773 organizations, prompting an embargo on the information until June 25 to allow for patching. The vulnerabilities could lead to file-less attacks and should be … Read more
June 6, 2024 at 01:33PM Two remote code execution (RCE) vulnerabilities in ThinkPHP, CVE-2018-20062 and CVE-2019-9082, patched over five years ago, are being exploited in ongoing attacks. Chinese-speaking threat actors use the web shell “Dama” to compromise servers, bypass PHP functions, and escalate privileges. Organizations are urged to urgently patch, as attackers target unpatched systems. … Read more
May 21, 2024 at 06:27PM Veeam has urged customers to address a critical security vulnerability in Veeam Backup Enterprise Manager (VBEM), allowing unauthenticated attackers to access any account. VBEM, not enabled by default, may be patched to mitigate this and other high-severity vulnerabilities. These flaws have been exploited in ransomware attacks targeting global IT infrastructure. … Read more
May 20, 2024 at 10:07AM QNAP’s vulnerabilities disclosed by watchTowr revealed 15 issues, with only 4 addressed. Six are accepted with no available patches, while the rest are still under embargo or have no solution. QNAP has a history of ransomware attacks and slow patching. CVE-2024-27130, with potential RCE, remains unpatched despite being acknowledged by … Read more
May 17, 2024 at 09:57AM CISA added two D-Link product CVEs to its Known Exploited Vulnerabilities Catalog, urging federal agencies to address them promptly. The first CVE, CVE-2014-100005, affects decade-old security flaws in legacy D-Link routers. The second D-Link CVE added is CVE-2021-40655, an information disclosure bug in discontinued DIR-605 routers. CISA also included CVE-2024-4761, … Read more
May 14, 2024 at 05:36AM The UK’s NHS warns that vulnerabilities in Arcserve Unified Data Protection software are likely being actively exploited. Despite not disclosing any specific data, NHS strongly encourages organizations to apply patches as outlined in Arcserve’s advisory. Critical vulnerabilities include authentication bypass and path traversal, posing risks of data theft, ransomware attacks, … Read more
March 21, 2024 at 01:04AM The UAE is a frontrunner in digital transformation in the Middle East, but faces security challenges due to slow patching and legacy technology. It seems from the meeting notes that the UAE is leading digital-transformation efforts in the Middle East. However, it is facing challenges due to slow patching and … Read more