Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform

December 13, 2024 at 10:54AM Cybersecurity firm Claroty warns of vulnerabilities in the Reyee cloud management platform that could enable attackers to take control of 50,000 devices. Using device serial numbers, hackers can generate credentials, execute denial-of-service attacks, and potentially steal sensitive data. Ruijie has reportedly fixed all identified security issues. Meeting Takeaways: Vulnerabilities in …

CISA Warns Recent Microsoft SharePoint RCE Flaw Exploited in Attacks

October 23, 2024 at 07:19AM CISA has included a new remote code execution vulnerability for Microsoft SharePoint Server in its KEV catalog, indicating that the flaw is being actively exploited in attacks. Meeting Takeaways: 1. CISA Update: The Cybersecurity and Infrastructure Security Agency (CISA) has included a new vulnerability in their Known Exploited Vulnerabilities …

Doomsday 9.9 RCE bug could hit every Linux system – and more

September 26, 2024 at 01:40PM Bug hunter Simone Margaritelli has disclosed a critical, 9.9-rated unauthenticated RCE affecting GNU/Linux systems, with a possible release of technical details and exploit on September 30. Security teams have time to prepare, but details about the flaw are limited. The severity has been confirmed by Canonical and Red Hat, raising concerns …

CISA warns of actively exploited Apache HugeGraph-Server bug

September 19, 2024 at 06:57PM CISA added five flaws to its Known Exploited Vulnerabilities catalog, including a critical remote code execution (RCE) flaw in Apache HugeGraph-Server (CVE-2024-27348). It urges users to apply mitigations or discontinue use by October 9, 2024. The product is vital for various sectors and has older vulnerabilities added for documentation purposes. …

1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam

September 19, 2024 at 04:10PM A researcher has released a proof-of-concept exploit and analysis for CVE-2024-40711, a critical vulnerability in Veeam’s backup software. The flaw, with a CVSS score of 9.8, allows unauthenticated remote code execution. Veeam has released patches, but there are concerns about their effectiveness. Enterprises are urged to apply the latest patch …

Dependency Confusion Could Have Led to RCE in Google Cloud Platform

September 17, 2024 at 09:15AM Tenable revealed details of the CloudImposer attack method, which could have led to remote code execution on Google Cloud Platform (GCP). The attack exploited a Python argument to carry out a dependency confusion attack. After reporting the vulnerability, Google promptly patched the RCE bug and updated its documentation to mitigate …

Rock Chrome hard enough and get paid half a million

August 29, 2024 at 12:35PM Google’s Chrome Vulnerability Rewards Program has increased rewards, specifically addressing memory safety with up to $250,000 for demonstrated remote code execution. Other classes of vulnerabilities have rewards up to $30,000 and special rewards of $100,115 and $250,128 for bypassing security measures. A new bug could potentially earn $500,128. Based on …

Malware exploits 5-year-old zero-day to infect end-of-life IP cameras

August 29, 2024 at 11:49AM The Corona Mirai-based malware botnet is exploiting a 5-year-old remote code execution zero-day vulnerability in AVTECH IP cameras, impacting models no longer supported by the vendor. The flaw has a high-severity score and allows unauthenticated attackers to inject commands, potentially leading to distributed denial of service (DDoS) attacks. Users are …

Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks

August 29, 2024 at 07:48AM Malicious actors have weaponized a long-standing flaw in AVTECH IP cameras, exploiting a zero-day vulnerability to form a botnet. The vulnerability, CVE-2024-7029, allows remote code execution. The attack campaign has been ongoing since March 2024, leveraging known vulnerabilities to spread a Mirai botnet variant. Additionally, a “mysterious” botnet named 7777 …

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw

August 23, 2024 at 04:09AM SolarWinds released a second hotfix for an exploited Web Help Desk vulnerability, removing hardcoded credentials and fixing an SSO issue. The CVE-2024-28987 vulnerability with a CVSS score of 9.1 could allow remote users to access internal functionality. CISA quickly added the bug to its Known Exploited Vulnerabilities catalog, urging immediate …