In Other News: Google AI Hacking, Font Vulnerabilities, IBM Training Facility

March 8, 2024 at 09:57AM SecurityWeek’s cybersecurity news roundup offers a concise collection of important stories that may have been overlooked. This week’s highlights include IBM’s launch of a new cyber response training facility, Google’s termination of accounts involved in influence operations, updates on Microsoft’s Secure Future Initiative, and cybersecurity resources released by CISA and …

Unpatched Sceiner Smart Lock Vulnerabilities Allow Hackers to Open Doors

March 8, 2024 at 08:03AM Multiple vulnerabilities in Sceiner firmware enable attackers to exploit smart locks, compromising the integrity of devices supplied under Sceiner’s name and other brands such as Kontrol and Elock, as revealed by Aleph Research. The vulnerabilities impact products using firmware versions 6.5.x to 6.5.07 and the TTLock app version 6.4.5, with …

JetBrains TeamCity under attack by ransomware thugs after disclosure mess

March 7, 2024 at 11:39AM Security researchers have observed increasing exploit attempts using the latest vulnerabilities in JetBrains’ TeamCity, leading to ransomware deployment. Telemetry indicates active attacks using modified Jasmin ransomware. The uncoordinated disclosure of vulnerabilities between JetBrains and Rapid7 has caused a stir in the cybersecurity community, highlighting contrasting policies regarding vulnerability disclosure. Users …

Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws

March 6, 2024 at 01:03AM Apple has released security updates to fix actively exploited vulnerabilities, CVE-2024-23225 and CVE-2024-23296, in its iOS and iPadOS, addressing them with improved validation. The flaws can be exploited by attackers to bypass kernel memory protections. This development adds to a total of three zero-days that Apple has addressed since the …

Rapid7 throws JetBrains under the bus for ‘uncoordinated vulnerability disclosure’

March 5, 2024 at 08:19AM Rapid7 accused JetBrains of silently patching two critical vulnerabilities in the TeamCity CI/CD server, despite Rapid7’s policy against such actions. JetBrains’ attempt to release patches before publicly disclosing was met with Rapid7’s refusal. JetBrains later released patches without informing researchers, leading to criticism from the infosec community. From the meeting …

Critical Vulnerability Exposes TeamCity Servers to Takeover

March 5, 2024 at 07:06AM JetBrains has released patches for critical authentication bypass vulnerabilities in its TeamCity build management server. Tracked as CVE-2024-27198 and CVE-2024-27199, these flaws allow unauthenticated attackers to gain full control of the server, execute arbitrary code, and access sensitive information. A security fix is available in TeamCity version 2023.11.4. Customers are …

LockBit’s contested claim of fresh ransom payment suggests it’s been well hobbled

March 3, 2024 at 10:20PM LockBit ransomware gang continues operations despite law enforcement takedown, claiming to possess sensitive data. Analyst suggests gang’s posturing to reassure affiliates, while CISA warns Ivanti vulnerabilities could persist even after factory resets. Security researchers raise concerns about potential cloud-based SAML token forgery vulnerability, advising organizations to safeguard certificates against potential …

Governments Urge Organizations to Hunt for Ivanti VPN Attacks

March 1, 2024 at 08:57AM Five Eyes agencies warn of ongoing exploitation of Ivanti VPN flaws and encourage organizations to assume credentials have been compromised, hunt for malicious activity, use Ivanti’s Integrity Checker Tool, and apply patches. Ivanti releases enhanced ICT to detect new/changed files on affected appliances. Agencies offer IoCs, Yara rules, and incident …

CISA warns against using hacked Ivanti devices even after factory resets

February 29, 2024 at 03:40PM The U.S. Cybersecurity Agency (CISA) revealed that attackers breaching Ivanti appliances can maintain root persistence after factory resets. Four vulnerabilities allow evasion of Ivanti’s Integrity Checker Tool, with ratings from high to critical. CISA warned of compromised Ivanti devices’ significant risk and ordered federal agencies to disconnect and rebuild affected …

Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws

February 27, 2024 at 11:27AM Multiple threat actors are exploiting two recently resolved vulnerabilities in ConnectWise ScreenConnect. The flaws, tracked as CVE-2024-1709 and CVE-2024-1708, allow for authentication bypass and path traversal. ConnectWise has released patches and urged immediate updates to version 23.9.8. Trend Micro has observed various cybercrime groups exploiting the vulnerabilities for malware delivery …