August 6, 2024 at 02:24AM Google has addressed a high-severity security flaw in the Android kernel, identified as CVE-2024-36971, acknowledging its active exploitation. The patch also includes fixes for 47 flaws, with indications that the vulnerability may be exploited in targeted attacks. The company is collaborating with OEM partners to apply fixes where applicable. The … Read more
July 25, 2024 at 04:05PM Check Point discovered CVE-2024-38112, a remote code execution vulnerability affecting Microsoft Windows and Windows Server. Threat actors exploit this via Internet Shortcut files and by disguising .hta applications as PDFs. CISA has categorized it as a high-severity risk and mandated updates for federal Windows systems by July 30. Organizations with … Read more
July 25, 2024 at 03:33AM Summary: Patching remains a challenging and laborious task for IT professionals, with low success rates and growing complexities from an increasing number of software applications and vulnerabilities. While automation tools and improved visibility in endpoint management products offer potential solutions, lack of ownership and reluctance to adopt new approaches are … Read more
July 24, 2024 at 10:04AM Organizations are increasingly reliant on web browsers, elevating their significance in accessing critical systems and data. However, the widespread use of multiple browsers across different roles complicates security efforts. Vulnerabilities and dangerous exploits in web browsers pose significant risks, highlighting the need for robust patch management and security policies to … Read more
July 9, 2024 at 03:03PM Microsoft released a large set of updates to address security vulnerabilities in the Windows environment. They warned of active exploitation of a Windows Hyper-V privilege escalation bug and a Windows MSHTML Platform spoofing vulnerability. These vulnerabilities represent only a portion of the 143 documented bugs, with five rated as critical. … Read more
July 5, 2024 at 08:41AM Infosec experts are discussing a vulnerability in Ghostscript, which may lead to significant breaches. The format string bug, designated as CVE-2024-29510, allows remote code execution (RCE) on systems running Ghostscript. It poses a serious threat to web applications and services utilizing Ghostscript for document conversion and preview functionality. The severity … Read more
July 1, 2024 at 08:21AM Attackers are targeting a critical vulnerability (CVE-2024-0769) in discontinued D-Link DIR-859 WiFi routers, enabling remote exploitation without authentication and leaking sensitive information. A published exploit has already been observed in the wild, and mass exploitation is anticipated. D-Link urges owners to replace these devices, as they are no longer receiving … Read more
July 1, 2024 at 08:06AM OpenSSH has issued security updates for a critical flaw enabling unauthenticated remote code execution with root privileges in glibc-based Linux systems. Dubbed CVE-2024-6387, the race condition bug affects versions 8.5p1 to 9.7p1, potentially leading to full system compromise. Users are urged to apply the latest patches and enforce network-based controls … Read more
June 28, 2024 at 07:12AM Fortra released patches for a critical SQL injection vulnerability (CVE-2024-5276, CVSS 9.8) in FileCatalyst Workflow version 5.1.6 Build 135 and earlier. This flaw could create administrative user accounts and modify application data. Tenable identified the issue and published PoC code for exploiting it. Fortra addressed the vulnerability in version 5.1.6 … Read more
June 27, 2024 at 01:42PM Attackers have intensified attacks on Progress Software’s MOVEit file transfer application by exploiting new vulnerabilities, posing a significant threat to affected organizations. Despite available patches, organizations face challenges in quickly applying them due to the potential for adversaries to target their systems. A proof-of-concept exploit is in the wild, highlighting … Read more