IoT Cloud Cracked by ‘Open Sesame’ Over-the-Air Attack

December 12, 2024 at 04:13PM
Ruijie Networks has patched 10 vulnerabilities in its Reyee cloud management platform, potentially allowing control of thousands of devices. Researchers from Claroty, who developed the “Open Sesame” attack, highlighted weaknesses in device authentication. This could enable attackers to impersonate the cloud platform and exploit connected devices, raising IoT security concerns.

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

December 12, 2024 at 09:51AM
Cybersecurity researchers warn that numerous publicly accessible Prometheus servers are vulnerable to information leakage and attacks due to inadequate authentication. Sensitive data, including credentials, can be exposed, and denial-of-service attacks may occur via specific endpoints. Organizations should implement authentication, limit exposure, and monitor server activity to mitigate risks.

Apache issues patches for critical Struts 2 RCE bug

December 12, 2024 at 08:39AM
A severe remote code execution vulnerability (CVE-2024-53677) in Apache Struts 2 has been revealed, with a severity rating reported as 9.5 or 9.8. Attackers can exploit it without privileges. Users must upgrade to Struts 6.4.0+ to avoid risk. There are no workarounds; patching is mandatory.

Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks

December 12, 2024 at 06:08AM
Cleo has updated its Harmony, VLTrader, and LexiCom file transfer tools to address a critical vulnerability (CVE-2024-50623) affecting several industries. The flaw allows unpatched systems to be exploited for file access and remote code execution. Security firms are analyzing related malware linked to ongoing attacks, suggesting widespread exploitation.

Hunk Companion, WP Query Console Vulnerabilities Chained to Hack WordPress Sites

December 12, 2024 at 05:30AM
Threat actors are exploiting vulnerabilities in the Hunk Companion and WP Query Console WordPress plugins for backdoor access to websites. The Hunk Companion flaw (CVE-2024-9707) allows unauthorized plugin installation, while WP Query Console (CVE-2024-50498) poses a remote code execution risk. Administrators should update to Hunk Companion version 1.9.0 immediately.

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

December 12, 2024 at 05:15AM
A critical vulnerability (CVE-2024-11972, CVSS 9.8) in the Hunk Companion WordPress plugin allows attackers to install malicious plugins, risking remote code execution and other exploits. This flaw affects all versions prior to 1.9.0, and the plugin has over 10,000 installations. Additionally, a related vulnerability in WPForms also poses risks.

Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug

December 11, 2024 at 05:52PM
The US government has charged Chinese national Guan Tianfeng for allegedly hacking 81,000 Sophos firewall devices in 2020 using a severe zero-day vulnerability (CVE-2020-12271). An arrest warrant has been issued, and a $10 million reward is offered for information about him and his operations in China.

Google Pays $55,000 for High-Severity Chrome Browser Bug

December 11, 2024 at 10:19AM
Google has released a Chrome update addressing three vulnerabilities, including two high-severity memory safety bugs in the V8 JavaScript engine, one of which led to a $55,000 bug bounty. The update also fixes a use-after-free defect. No exploitation of these vulnerabilities has been confirmed yet.

Cleo Vulnerability Exploitation Linked to Termite Ransomware Group

December 11, 2024 at 07:41AM
The newly identified ransomware group Termite appears responsible for exploiting a vulnerability in Cleo’s file transfer software. This issue allows unauthorized file access and potential remote code execution, affecting around 1,700 servers, primarily in the US retail sector. Cleo plans to release a fix for the vulnerability soon.

Three more vulns spotted in Ivanti CSA, all critical, one 10/10

December 11, 2024 at 07:15AM
Ivanti issued a security advisory for three critical vulnerabilities in its Cloud Services Application (CSA), including an authentication bypass flaw rated a maximum 10 out of 10. These vulnerabilities could allow attackers to gain unauthorized access and execute malicious commands. Users are urged to upgrade to version 5.0.3 to mitigate risks.