CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks

March 27, 2024 at 06:42AM CISA added the CVE-2023-24955 SharePoint flaw, part of an exploit chain for unauthenticated remote code execution, to its Known Exploited Vulnerabilities list, after it was demonstrated at Pwn2Own. Microsoft patched this flaw in May 2023. CISA’s catalog now holds four exploited SharePoint vulnerabilities, with CVE-2023-24955 requiring attention by government organizations … Read more

What the Latest Ransomware Attacks Teach About Defending Networks

March 21, 2024 at 10:26AM Ransomware attacks are impacting organizations across all sectors, with recent high-profile incidents involving Change Healthcare and Veolia North America. These attacks have highlighted the need for lessons learned and strategies to limit ransomware risk, including enhancing email and endpoint security, properly encrypting sensitive data, establishing a solid backup strategy, and … Read more

Ivanti Patches Critical Vulnerabilities in Standalone Sentry, Neurons for ITSM

March 21, 2024 at 09:45AM IT software company Ivanti has released patches for critical-severity vulnerabilities in Standalone Sentry and Neurons for ITSM, posing remote code execution and file write risks. Unauthenticated attackers can exploit the Standalone Sentry bug to execute commands, while authenticated remote users can perform file writes to the ITSM server. Users are advised … Read more

More than 133,000 Fortinet appliances still vulnerable to month-old critical bug

March 18, 2024 at 03:08PM Despite a slight increase in patching, over 133,000 Fortinet appliances remain vulnerable to the critical security flaw CVE-2024-21762. The vulnerability allows remote code execution and is actively exploited. Another critical flaw, CVE-2023-48788, has been disclosed, adding to the patching workload. The widespread attacks make swift patching crucial. Key takeaways from … Read more

Windows SmartScreen Bypass Flaw Exploited to Drop DarkGate RAT

March 14, 2024 at 10:28AM Attackers are using Google redirects in a phishing attack, exploiting a patched vulnerability to spread multifaceted malware. Full Article

Microsoft’s March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

March 13, 2024 at 02:03AM Microsoft released a monthly security update addressing 61 vulnerabilities, including 2 critical issues in Windows Hyper-V with potential for denial-of-service and remote code execution. None of the flaws were publicly known or under active attack, but updates were also made to the Chromium-based Edge browser. Other vendors have also released … Read more

Critical Vulnerability Allows Access to QNAP NAS Devices

March 11, 2024 at 10:03AM Over the weekend, Taiwan-based QNAP Systems announced patches for critical vulnerabilities in several products, such as QTS, QuTS hero, and QuTScloud. The flaws could enable unauthenticated access to network-attached storage (NAS) devices. CVE-2024-21899 poses a high risk, while CVE-2024-21900 and CVE-2024-21901 present medium risks, requiring authentication for exploitation. QNAP also … Read more

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks

March 11, 2024 at 10:03AM Fortinet recently patched a critical vulnerability in FortiOS, warning of potential exploitation. Tracked as CVE-2024-21762, the flaw can result in out-of-bounds write issues, allowing remote attackers to execute arbitrary code. While CISA added it to the Known Exploited Vulnerabilities Catalog, there are no reports of mass attacks or confirmed exploitation. … Read more

Rapid7 throws JetBrains under the bus for ‘uncoordinated vulnerability disclosure’

March 5, 2024 at 08:19AM Rapid7 accused JetBrains of silently patching two critical vulnerabilities in the TeamCity CI/CD server, despite Rapid7’s policy against such actions. JetBrains’ attempt to release patches before publicly disclosing was met with Rapid7’s refusal. JetBrains later released patches without informing researchers, leading to criticism from the infosec community. From the meeting … Read more

Critical Vulnerability Exposes TeamCity Servers to Takeover

March 5, 2024 at 07:06AM JetBrains has released patches for critical authentication bypass vulnerabilities in its TeamCity build management server. Tracked as CVE-2024-27198 and CVE-2024-27199, these flaws allow unauthenticated attackers to gain full control of the server, execute arbitrary code, and access sensitive information. A security fix is available in TeamCity version 2023.11.4. Customers are … Read more