October 23, 2024 at 07:19AM CISA has included a new remote code execution vulnerability for Microsoft SharePoint Server in its KEV catalog, indicating that the flaw is being actively exploited in attacks. ### Meeting Takeaways: 1. **CISA Update**: The Cybersecurity and Infrastructure Security Agency (CISA) has included a new vulnerability in their Known Exploited Vulnerabilities … Read more
September 26, 2024 at 01:40PM Bug hunter Simone Margaritelli has disclosed a critical, 9.9-rated unauthenticated RCE affecting GNU/Linux systems, with a possible release of technical details and exploit on September 30. Security teams have time to prepare, but details about the flaw are limited. The severity has been confirmed by Canonical and RedHat, raising concerns … Read more
September 19, 2024 at 06:57PM CISA added five flaws to its Known Exploited Vulnerabilities catalog, including a critical remote code execution (RCE) flaw in Apache HugeGraph-Server (CVE-2024-27348). It urges users to apply mitigations or discontinue use by October 9, 2024. The product is vital for various sectors and has older vulnerabilities added for documentation purposes. … Read more
September 19, 2024 at 04:10PM A researcher has released a proof-of-concept exploit and analysis for CVE-2024-40711, a critical vulnerability in Veeam’s backup software. The flaw, with a CVSS score of 9.8, allows unauthenticated remote code execution. Veeam has released patches, but there are concerns about their effectiveness. Enterprises are urged to apply the latest patch … Read more
September 17, 2024 at 09:15AM Tenable revealed details of the CloudImposer attack method, which could have led to remote code execution on Google Cloud Platform (GCP). The attack exploited a Python argument to carry out a dependency confusion attack. After reporting the vulnerability, Google promptly patched the RCE bug and updated its documentation to mitigate … Read more
August 29, 2024 at 12:35PM Google’s Chrome Vulnerability Rewards Program has increased rewards, specifically addressing memory safety with up to $250,000 for demonstrated remote code execution. Other classes of vulnerabilities have rewards up to $30,000 and special rewards of $100,115 and $250,128 for bypassing security measures. A new bug could potentially earn $500,128. Based on … Read more
August 29, 2024 at 11:49AM The Corona Mirai-based malware botnet is exploiting a 5-year-old remote code execution zero-day vulnerability in AVTECH IP cameras, impacting models no longer supported by the vendor. The flaw has a high-severity score and allows unauthenticated attackers to inject commands, potentially leading to distributed denial of service (DDoS) attacks. Users are … Read more
August 29, 2024 at 07:48AM Malicious actors have weaponized a long-standing flaw in AVTECH IP cameras, exploiting a zero-day vulnerability to form a botnet. The vulnerability, CVE-2024-7029, allows remote code execution. The attack campaign has been ongoing since March 2024, leveraging known vulnerabilities to spread a Mirai botnet variant. Additionally, a “mysterious” botnet named 7777 … Read more
August 23, 2024 at 04:09AM SolarWinds released a second hotfix for an exploited Web Help Desk vulnerability, removing hardcoded credentials and fixing an SSO issue. The CVE-2024-28987 vulnerability with a CVSS score of 9.1 could allow remote users to access internal functionality. CISA quickly added the bug to its Known Exploited Vulnerabilities catalog, urging immediate … Read more
August 16, 2024 at 06:10AM CISA warned of a critical vulnerability in SolarWinds Web Help Desk, CVE-2024-28986, allowing remote code execution. SolarWinds released a patch but noted an authentication requirement for successful exploitation. The flaw affects versions 12.4 to 12.8 and has been observed in the wild. Federal agencies must address vulnerable instances by September … Read more