Decade-Old Cisco Vulnerability Under Active Exploit

December 3, 2024 at 03:41PM Cisco warns customers of a decade-old security flaw in its Adaptive Security Appliance (ASA) WebVPN, tracked as CVE-2014-2120, which is being actively exploited. This vulnerability allows unauthenticated remote attackers to conduct cross-site scripting (XSS) attacks. Customers are urged to upgrade software, as no workarounds exist. ### Meeting Takeaways 1. **Security … Read more

In Other News: OPPC Breach Impacts 1.7M, US Soldier Suspected in Snowflake Hack, Cloudflare Loses Logs

November 29, 2024 at 07:05AM This week’s cybersecurity news roundup highlights significant developments, including the doubling of a data breach affecting OnePoint Patient Care, Meta’s crackdown on scam operations, malware exploiting Avast’s software, and various vulnerability patches from notable companies. Additional stories cover hacking incidents, Cloudflare’s log loss, and recent data breaches at Keesal, Young … Read more

Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks

November 25, 2024 at 12:56PM Zyxel warns that threat actors are exploiting a patched command injection vulnerability (CVE-2024-42057) in its firewalls, allowing remote code execution. A ransomware group, Helldown, has targeted affected devices. Users must upgrade to firmware 5.39 as earlier versions are susceptible to attacks. Immediate action is advised for optimal protection. ### Meeting … Read more

HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code

November 12, 2024 at 11:14AM Researchers have revealed a proof of concept for a serious vulnerability in Citrix’s Virtual Apps and Desktops, allowing unauthenticated remote code execution through HTTP requests. This flaw lets attackers gain system privileges and impersonate users. Citrix disputes the severity and has issued hotfixes, urging customers to apply them immediately. ### … Read more

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

November 12, 2024 at 10:15AM Researchers revealed vulnerabilities in Citrix Virtual Apps and Desktop, potentially allowing unauthenticated remote code execution through misconfigured permissions in the Session Recording component. Citrix has issued hotfixes for affected versions (CVE-2024-8068 and CVE-2024-8069). Microsoft warns against using BinaryFormatter due to its security risks related to deserialization. ### Meeting Takeaways – … Read more

Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

November 11, 2024 at 05:39AM Cybersecurity researchers have identified nearly 24 vulnerabilities in 15 machine learning open-source projects, including Weave and ZenML. These flaws could allow unauthorized access, remote code execution, and escalation of privileges, posing significant risks to ML infrastructure. This discovery follows previous vulnerabilities and the introduction of a new defense framework, Mantis. … Read more

6 Infotainment Bugs Allow Mazdas to Be Hacked With USBs

November 8, 2024 at 05:28PM Six vulnerabilities in Mazda’s infotainment system could be exploited via a USB, potentially affecting vehicle safety. Originating from the Mazda Connect CMU, these flaws could allow full system compromise and access to sensitive data. Though serious, real-world exploitation remains unlikely currently, highlighting the need for improved vehicle security measures. **Meeting … Read more

Cisco Bug Could Lead to Command Injection Attacks

November 7, 2024 at 04:47PM Cisco has identified a vulnerability in its Unified Industrial Wireless Software for URWB access points, potentially allowing remote attackers to execute command injection attacks. Affected models include Catalyst IW9165D, IW9165E, and IW9167E with URWB mode enabled. Cisco has released a fix, though there’s no known public exploitation of the issue. … Read more

Cisco Patches Critical Vulnerability in Industrial Networking Solution

November 7, 2024 at 07:30AM Cisco has patched a critical vulnerability in its Unified Industrial Wireless software that could enable remote, unauthenticated attackers to execute commands with root privileges. The issue poses significant security risks to the affected systems. **Meeting Notes Takeaways:** – A critical vulnerability has been identified in Cisco Unified Industrial Wireless software. … Read more

Okta Fixes Auth Bypass Bug After 3-Month Lull

November 4, 2024 at 04:07PM Okta has resolved an authentication bypass vulnerability affecting long usernames and complex domain names, which could have enabled unauthorized access under specific conditions. Discovered on October 30, it remained undetected for three months. Customers are urged to check logs for unusual activity and implement multifactor authentication for added security. **Meeting … Read more