D-Link tells users to trash old VPN routers over bug too dangerous to identify

November 20, 2024 at 09:38AM
D-Link advises owners of older VPN routers to replace their devices due to a serious remote code execution vulnerability. The company won’t issue patches for end-of-life products but offers a 20% discount on a new router. Users are encouraged to update passwords and enable Wi-Fi encryption. …

‘CloudImposer’ Flaw in Google Cloud Affected Millions of Servers

September 17, 2024 at 11:33AM
Google has patched a vulnerability in its Google Cloud Platform (GCP) that could have led to supply chain attacks on customer cloud servers. Researchers discovered the flaw, dubbed “CloudImposer,” in GCP’s Cloud Composer service, posing a dependency confusion risk. Google addressed the issue by fixing the vulnerable script and updating …

Exploit code released for critical Ivanti RCE flaw, patch now

September 16, 2024 at 03:12PM
Exploit code for a critical remote code execution (RCE) vulnerability, CVE-2024-29847, in Ivanti Endpoint Manager has been publicly released by security researcher Sina Kheirkhah. The flaw allows a remote attacker to execute arbitrary operations and should be patched immediately with the security update released in September 2024. Additionally, other Ivanti vulnerabilities are …

Check your IP cameras: There’s a new Mirai botnet on the rise

August 31, 2024 at 02:28PM
An outdated series of IP cameras has been exploited to create a new Mirai botnet. Akamai reported the active campaign leveraging the remote code execution (RCE) vulnerability in AVTECH AVM1203 IP cameras, which have been discontinued since 2019. The botnet also exploits other old vulnerabilities, emphasizing the importance of maintaining …

Critical Progress WhatsUp RCE flaw now under active exploitation

August 7, 2024 at 11:35AM
Threat actors are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2024-4885, in Progress WhatsUp Gold 23.1.2 and older versions. Proof-of-concept (PoC) exploits are available, and the attacks started on August 1, 2024, from six distinct IP addresses. Users are urged to upgrade to version 23.1.3 or implement firewall …

Google splats device-hijacking exploited-in-the-wild Android kernel bug among others

August 6, 2024 at 02:32PM
Google released 46 fixes for Android in its August security patch batch, addressing a high-severity Linux kernel flaw (CVE-2024-36971) with potential for remote code execution. The bug may already be exploited by spyware, highlighting the urgency of updating Android devices. Other high-severity vulnerabilities include a Qualcomm component flaw and 11 …

Progress discloses second critical flaw in Telerik Report Server in as many months

July 26, 2024 at 09:37AM
Progress Software’s latest security advisory warns about a critical vulnerability, CVE-2024-6327, in Telerik Report Server, with potential for remote code execution on versions prior to 10.1.24.709. There’s special concern due to previous successful attacks via a similar vulnerability. Another vulnerability, CVE-2024-6096, in Telerik Reporting also poses a serious risk, requiring …

New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk

July 10, 2024 at 12:15AM
OpenSSH versions 8.7p1 and 8.8p1, as shipped with Red Hat Enterprise Linux 9, are at risk due to a new vulnerability, CVE-2024-6409. Discovered by Solar Designer during a review of CVE-2024-6387 by Qualys, this flaw enables remote code execution in the privsep child process. An active exploit for CVE-2024-6387 has …

Exploit for critical Progress Telerik auth bypass released, patch now

June 3, 2024 at 02:01PM
Researchers have demonstrated a chained remote code execution vulnerability on Progress Telerik Report Servers. The exploit, developed by Sina Kheirkhah with assistance from Soroush Dalili, involves an authentication bypass and a deserialization issue. Urgent updates (Telerik Report Server 2024 Q2 10.1.24.514 or later) are recommended. Progress Software’s history warrants prompt action …

Telegram fixes Windows app zero-day used to launch Python scripts

April 13, 2024 at 07:43AM
Telegram addressed a zero-day vulnerability in its Windows desktop app that allowed the automatic launch of Python scripts. Initially disputed, it was confirmed that a typo in the source code allowed bypassing security warnings when clicking on Python .pyzw files disguised as videos. Telegram fixed the issue with a server-side fix, …