LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks

September 6, 2024 at 06:30AM A critical vulnerability, CVE-2024-44000, was discovered in the LiteSpeed Cache plugin for WordPress, allowing attackers to potentially take over websites by retrieving and using stored user cookies. The flaw was identified and reported by Patchstack, which emphasized the importance of securing the debug log process. The issue was resolved with …

Cisco warns of backdoor admin account in Smart Licensing Utility

September 4, 2024 at 12:59PM Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that allowed unauthorized access to unpatched systems with administrative privileges. Cisco has eliminated a backdoor account in the Cisco Smart Licensing Utility (CSLU), preventing unauthorized access to …

Volt Typhoon suspected of exploiting Versa SD-WAN bug since June

August 27, 2024 at 01:38PM China’s Volt Typhoon exploited a critical bug affecting Versa’s SD-WAN customers using Versa Director, planting custom web shells to harvest credentials on networks. Lumen Technologies linked this to the new malware, VersaMem. Versa has issued a patch and recommends that customers upgrade, but the vulnerability was already exploited, attributed to …

Google Warns of Exploited Chrome Vulnerability

August 27, 2024 at 06:24AM Google warns of an in-the-wild exploited bug, tracked as CVE-2024-7965, in Chrome 128.0.6613.84. A flawed implementation in the V8 JavaScript engine allows remote attackers to exploit heap corruption through crafted HTML pages, potentially executing code or accessing sensitive information. The US CISA added the bug to the Known Exploited Vulnerabilities catalog, urging …

CISA warns critical SolarWinds RCE bug is exploited in attacks

August 16, 2024 at 12:40PM CISA warns of attackers exploiting a critical vulnerability in SolarWinds’ Web Help Desk (WHD) software, allowing remote code execution. SolarWinds issued a hotfix, advising administrators to apply it, while also recognizing an issue for SAML Single Sign-On users. CISA mandates federal agencies to patch WHD servers by September 5. SolarWinds …

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR

August 15, 2024 at 07:51AM Palo Alto Networks has released patches for high-severity vulnerabilities in its products, including a command injection issue in Cortex XSOAR, impacting the CommonScripts Pack. The Prisma Access Browser and two medium-severity issues have also been addressed. The company is not aware of any exploited vulnerabilities but has experienced targeted attacks …

Critical Ivanti vTM Bug Allows Unauthorized Admin Access

August 13, 2024 at 04:34PM Ivanti has addressed a critical vulnerability in its Virtual Traffic Manager (vTM) related to an authentication algorithm, with a major potential impact. While no attacks have been observed, a proof-of-concept exploit is publicly available. Ivanti has provided patches and recommends limiting vTM access to trusted IP addresses to reduce the …

Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited

August 13, 2024 at 02:44PM Today, Microsoft’s August 2024 Patch Tuesday addresses 89 flaws with security updates, including six actively exploited and three publicly disclosed zero-days. Additionally, Microsoft is in the process of addressing a tenth publicly disclosed zero-day. The key takeaways are: – It is Microsoft’s August 2024 Patch …

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

August 12, 2024 at 11:54AM Microsoft revealed multiple vulnerabilities in OpenVPN at the Black Hat security conference. These flaws, now fixed in OpenVPN 2.6.10, could be combined by skilled attackers to gain control of targeted systems. Exploitation requires user authentication and a deep understanding of OpenVPN. Users are strongly advised to apply the available fixes. …

Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords

August 7, 2024 at 10:57AM Security researchers disclosed security flaws in Roundcube webmail software that could allow attackers to execute malicious JavaScript, steal sensitive information, and gain a persistent foothold in browsers. The three vulnerabilities have been addressed in Roundcube versions 1.6.8 and 1.5.8 released on August 4, 2024. Additionally, a local privilege escalation flaw in …