Microsoft Azure HDInsight Bugs Expose Big Data to Breaches

February 6, 2024 at 09:04AM Three high-risk vulnerabilities have been found in Microsoft Azure’s HDInsight, impacting data security. The bugs open the door to performance issues and unauthorized access, allowing attackers to manipulate data and system operations. Azure’s HDInsight, used by major corporations, houses valuable information, emphasizing the need for diligent patching to protect sensitive …

Double trouble for Fortinet customers as pair of critical vulns found in FortiSIEM

February 6, 2024 at 08:37AM Fortinet’s FortiSIEM product is affected by two critical security vulnerabilities (CVE-2024-23108 and CVE-2024-23109) with a severity score of 10 on the CVSS scale. These flaws allow for remote code execution by unauthenticated attackers. Currently, the affected versions are specified, and Fortinet has recommended upgrading to version 7.1.2 to address the …

Mitsubishi Electric Factory Automation Flaws Expose Engineering Workstations

February 5, 2024 at 06:06PM Mitsubishi Electric identified high-severity authentication bypass and critical remote code execution vulnerabilities in several factory automation products. The impacted products include EZSocket, FR Configurator2, GT Designer3, GX and MT Works, MELSOFT Navigator, and MX. The company advised users to implement cybersecurity measures while it works on patches and released advisories …

Google Open Sources AI-Aided Fuzzing Framework

February 5, 2024 at 06:06PM Google has released an AI-aided fuzzing framework in open source to help find vulnerabilities faster. The tool leverages large language models to generate fuzz targets and has resulted in a 30% increase in code coverage for over 300 projects. The framework allows experimentation and testing of fuzz targets and also …

CISA Orders Ivanti VPN Appliances Disconnected: What to Do

February 1, 2024 at 05:15PM The United States Cybersecurity and Infrastructure Security Agency (CISA) has ordered Federal Civilian Executive Branch agencies to remove Ivanti appliances from federal networks within 48 hours. The directive is a response to multiple threat actors exploiting security flaws in the appliances. Agencies are required to disconnect and rebuild the appliances, …

RunC Flaws Enable Container Escapes, Granting Attackers Host Access

January 31, 2024 at 03:40PM Multiple security vulnerabilities in the runC command line tool have been disclosed, known as Leaky Vessels. These vulnerabilities could allow threat actors to escape container boundaries and launch further attacks, potentially accessing sensitive data and superuser privileges. The flaws have been addressed in runC version 1.1.12, and users are advised …

Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware

January 31, 2024 at 02:36AM Two zero-day flaws in Ivanti Connect Secure (ICS) VPN have been exploited to distribute the Rust-based KrustyLoader and the Sliver adversary simulation tool. Identified as CVE-2023-46805 and CVE-2024-21887, the flaws allow unauthenticated remote code execution with delayed patches. The vulnerabilities have been utilized by threat actors and other adversaries. Key …

‘Cactus’ Ransomware Strikes Schneider Electric

January 30, 2024 at 05:44PM Schneider Electric’s Sustainability Business division fell victim to the “Cactus” ransomware. The cyberattack affected the Resource Advisor platform, prompting the company to inform affected customers. Although the breach was confined to this division, potential data leak repercussions exist. Operating to restore normalcy by Jan. 31, the company primarily serves Fortune …

Reg story prompts fresh security bulletin, review of Juniper Networks’ CVE process

January 30, 2024 at 10:36AM Juniper Networks disclosed and apologized for previously concealing vulnerabilities reported by watchTowr researcher Aliz Hammond. The company issued an out-of-cycle security advisory, separately disclosing four vulnerabilities with missing individual CVEs. The vulnerabilities affect J-Web in Junos OS SRX Series and EX Series. US CISA warned of the XSS vulnerability and …

Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution

January 29, 2024 at 11:12AM Two vulnerabilities in WatchGuard and Panda Security products, tracked as CVE-2023-6330 and CVE-2023-6331, could lead to denial of service (DoS) conditions or code execution with system privileges. The flaws were identified in the Panda Kernel Memory Access driver and were addressed in updates for the affected products. Details are available …