Exploitation Attempts Target Citrix Session Recording Vulnerabilities

November 21, 2024 at 04:34AM

Exploitation attempts have been reported for two Citrix Session Recording vulnerabilities (CVE-2024-8068, CVE-2024-8069), which allow remote code execution. Although patches were issued, some reports suggest systems are exposed to the internet. Citrix advises users to update software to mitigate risks, as exploitation attempts continue. **Meeting Takeaways:** 1. **Vulnerability Overview:** – …

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

November 20, 2024 at 12:18AM

Oracle has alerted users about a high-severity vulnerability (CVE-2024-21287) in the Agile Product Lifecycle Management Framework, which is being actively exploited. This flaw allows unauthenticated access to sensitive files. Users are urged to apply patches immediately for protection, as details on the attackers remain unknown. **Meeting Takeaways – Nov 20, …

Palo Alto Networks tackles firewall-busting zero-days with critical patches

November 19, 2024 at 10:35AM

Palo Alto Networks has issued patches for two zero-day vulnerabilities: CVE-2024-0012, a critical authentication bypass, and CVE-2024-9474, a medium-severity privilege escalation. Users are urged to update urgently. The company warns of ongoing exploitation, particularly from VPN services, and advises restricting access to management interfaces. ### Meeting Takeaways: 1. **New Vulnerabilities …

Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble

November 18, 2024 at 05:38PM

Two VMware vCenter vulnerabilities, CVE-2024-38812 and CVE-2024-38813, have been actively exploited after Broadcom’s patch attempts. CVE-2024-38812 allows remote code execution, while CVE-2024-38813 permits privilege escalation. These flaws affect multiple vCenter and VMware Cloud Foundation versions, making them critical targets for cybercriminals. **Meeting Takeaways:** 1. **Vulnerabilities Identified**: Two critical vulnerabilities in …

VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw

November 18, 2024 at 01:31PM

VMware’s critical CVE-2024-38812 vulnerability in vCenter Server has been exploited in the wild, prompting urgent updates from the company. Initially reported at a Chinese hacking contest, the flaw allows remote code execution. Past patches failed to fully resolve the issue, emphasizing the need for customers to apply fixes urgently. Here …

Palo Alto Networks Patches Critical Zero-Day Firewall Bug

November 18, 2024 at 12:24PM

Palo Alto Networks (PAN) issued a warning about a critical remote code execution vulnerability (CVE-2024-0012) in its Expedition firewall, marking the fourth exploit in a week. The company recommends patching systems and limiting management interface access. Over 8,700 vulnerable instances were reported. Expedition will be unsupported after January 2025. ### …

CISA warns of more Palo Alto Networks bugs exploited in attacks

November 14, 2024 at 05:03PM

CISA has identified two critical vulnerabilities in Palo Alto Networks’ Expedition migration tool, now actively exploited: CVE-2024-9463 (unauthenticated command injection) and CVE-2024-9465 (SQL injection). Federal agencies must patch affected systems by December 5. Security updates are available in Expedition 1.2.96 and later, and user credentials should be rotated post-update. **Meeting …

Five Eyes infosec agencies list 2024’s most exploited software flaws

November 14, 2024 at 03:40AM

The UK, US, Canada, Australia, and New Zealand’s cybersecurity agencies released their annual list of the 15 most exploited vulnerabilities, highlighting increased attacks on zero-day exploits. Top entries include vulnerabilities in Citrix, Cisco, and Fortinet, emphasizing the need for prompt patching and secure product design to enhance network defenses. ### …

Zero-Days Wins the Prize for Most Exploited Vulns

November 13, 2024 at 05:36PM

The Cybersecurity and Infrastructure Security Agency’s report reveals that zero-day vulnerabilities were the most exploited in 2023, a shift from 2022. Key exploits stemmed from Citrix and Cisco. CISA recommends organizations enhance defenses with EDR, web application firewalls, and network tools to mitigate ongoing risks. ### Meeting Takeaways 1. **CISA …

Ivanti Patches 50 Vulnerabilities Across Several Products

November 13, 2024 at 08:03AM

Ivanti has addressed numerous vulnerabilities by releasing fixes for Endpoint Manager, Avalanche, Connect Secure, Policy Secure, and Secure Access Client, enhancing security across these products. **Meeting Takeaways:** 1. **Release of Fixes:** Ivanti has issued fixes addressing multiple vulnerabilities. 2. **Affected Products:** The vulnerabilities were found in the following products: – …