1000s of Palo Alto Networks firewalls hijacked as miscreants exploit critical hole

November 22, 2024 at 04:31PM Attackers exploited two recently patched vulnerabilities in Palo Alto Networks firewalls, compromising around 2,000 devices initially, a figure that later dropped to 800. They deployed backdoors, malware, and cryptocurrency miners. The vulnerabilities enabled remote code execution, and the vendor continues to reference only a “limited number” of affected systems. ### Meeting Takeaways: …

Exploitation Attempts Target Citrix Session Recording Vulnerabilities

November 21, 2024 at 04:34AM Exploitation attempts have been reported for two Citrix Session Recording vulnerabilities (CVE-2024-8068, CVE-2024-8069), which allow remote code execution. Although patches were issued, some reports suggest systems are exposed to the internet. Citrix advises users to update software to mitigate risks, as exploitation attempts continue. **Meeting Takeaways:** 1. **Vulnerability Overview:** – …

D-Link urges users to retire VPN routers impacted by unfixed RCE flaw

November 19, 2024 at 01:03PM D-Link is advising customers to replace outdated VPN router models due to a serious, unpatched vulnerability that allows for unauthenticated remote code execution. This security flaw poses significant risks, and affected devices will not receive fixes. ### Meeting Takeaways: 1. **Security Alert from D-Link**: Customers are being advised about a …

CISA Alert: Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws

November 19, 2024 at 02:03AM Recently patched vulnerabilities in Progress Kemp LoadMaster and VMware vCenter Server are being actively exploited. CISA added CVE-2024-1212, a critical flaw, to its Known Exploited Vulnerabilities catalog. Other vulnerabilities in VMware include CVE-2024-38812 and CVE-2024-38813, with remediation recommended by December 9, 2024, for federal agencies. **Meeting Takeaways – November 19, …

Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble

November 18, 2024 at 05:38PM Two VMware vCenter vulnerabilities, CVE-2024-38812 and CVE-2024-38813, have been actively exploited after Broadcom’s patch attempts. CVE-2024-38812 allows remote code execution, while CVE-2024-38813 permits privilege escalation. These flaws affect multiple vCenter and VMware Cloud Foundation versions, making them critical targets for cybercriminals. **Meeting Takeaways:** 1. **Vulnerabilities Identified**: Two critical vulnerabilities in …

Critical RCE bug in VMware vCenter Server now exploited in attacks

November 18, 2024 at 02:00PM Broadcom has warned that two VMware vCenter Server vulnerabilities, CVE-2024-38812 (a critical remote code execution flaw) and CVE-2024-38813 (a privilege escalation flaw), are being actively exploited. Customers are urged to apply new security updates to mitigate risks, as no workarounds are available for these vulnerabilities. ### Meeting Takeaways 1. **Active …

VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw

November 18, 2024 at 01:31PM VMware’s critical CVE-2024-38812 vulnerability in vCenter Server has been exploited in the wild, prompting urgent updates from the company. Initially reported at a Chinese hacking contest, the flaw allows remote code execution. Past patches failed to fully resolve the issue, emphasizing the need for customers to apply fixes urgently. Here …

Palo Alto Networks Patches Critical Zero-Day Firewall Bug

November 18, 2024 at 12:24PM Palo Alto Networks (PAN) issued a warning about a critical remote code execution vulnerability (CVE-2024-0012) in its Expedition firewall, marking the fourth exploit in a week. The company recommends patching systems and limiting management interface access. Over 8,700 vulnerable instances were reported. Expedition will be unsupported after January 2025. ### …

Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit

November 15, 2024 at 04:19PM Palo Alto Networks’ firewall management interface has a critical zero-day vulnerability, allowing remote code execution by unauthenticated attackers. With a CVSS rating of 9.3, it currently lacks a patch. Users are advised to restrict access to the interface. Other vulnerabilities have been identified, with fixes available. ### Meeting Takeaways 1. …

Palo Alto Networks Confirms New Firewall Zero-Day Exploitation

November 15, 2024 at 05:05AM Palo Alto Networks has confirmed the exploitation of a zero-day vulnerability in its firewall, following investigations into claims of a remote code execution flaw. The announcement highlights ongoing security concerns related to the vulnerability. **Meeting Takeaways:** 1. **Zero-Day Confirmation**: Palo Alto Networks has confirmed that a zero-day vulnerability is being …