June 4, 2024 at 11:07AM Progress Software has released updates to address a critical security flaw in Telerik Report Server, allowing potential bypass of authentication and creation of rogue administrator users. Tracked as CVE-2024-4358, the flaw carries a high CVSS score of 9.8. Users are urged to update to version 2024 Q2 and review user … Read more
June 4, 2024 at 09:04AM US National Institute of Standards and Technology is addressing the backlog in processing vulnerability reports. NIST’s plan involves a multipronged approach, working with public and private sectors, and updating technology to handle the increasing number of disclosed vulnerabilities. The backlog has been attributed to a combination of resource reductions and … Read more
June 4, 2024 at 08:39AM A critical vulnerability (CVE-2024-4358, CVSS 9.8) in Progress Software’s Telerik Report Server allows remote attackers to bypass authentication, creating an admin user. An exploited deserialization flaw (CVE-2024-1800) enables remote code execution. Progress addressed both vulnerabilities in version 2024 Q1 (10.0.24.305). Users should update promptly to prevent exploitation. Based on the … Read more
June 3, 2024 at 08:12AM Cybersecurity software vendor Check Point detected a zero-day vulnerability being actively exploited. The vulnerability, assigned CVE-2024-24919, affects several Check Point products and can result in unauthorized access to sensitive information. Check Point advised users to update their software and harden their VPN posture. Additionally, various other critical vulnerabilities in different … Read more
June 3, 2024 at 06:30AM Security researcher Sam Curry has identified authorization bypass issues in Cox modems, allowing potential unauthorized access and the execution of malicious commands. Following responsible disclosure, the U.S. broadband provider promptly addressed the vulnerabilities. Curry’s analysis revealed potential access to sensitive customer data and the ability to modify device settings, posing … Read more
May 31, 2024 at 03:35PM CISA added two vulnerabilities to its KEV catalog, including a Linux kernel privilege escalation flaw (CVE-2024-1086) and an info disclosure flaw on VPN devices (CVE-2024-24919). The former allows local attackers to gain root-level access, with a public exploit available. CISA has set a patching deadline for federal agencies and suggested … Read more
May 31, 2024 at 07:36AM CISA warns of active exploitation of Linux kernel vulnerability CVE-2024-1086, enabling local attackers to elevate privileges. Affected versions range from 5.14 to 6.6, potentially impacting all versions since 3.15. Various distributions are confirmed affected, with potential for more. Proof-of-concept code has been published, and successful exploitation may lead to arbitrary … Read more
May 30, 2024 at 02:09PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) highlighted a high-severity security flaw in the Linux kernel (CVE-2024-1086) enabling local privilege escalation. Additionally, a security flaw in Check Point network gateway products (CVE-2024-24919) was added to the Known Exploited Vulnerabilities catalog. Federal agencies are urged to apply the latest fixes … Read more
May 30, 2024 at 11:03AM The RedTail cryptocurrency mining malware has evolved, incorporating a new PAN-OS vulnerability and advanced anti-analysis techniques. It’s known for utilizing patched vulnerabilities in various systems for propagation. The latest version includes encrypted mining configuration and operates without a cryptocurrency wallet, indicating a switch to a private mining pool for financial … Read more
May 29, 2024 at 03:45PM Threat actors are exploiting a high-severity zero-day vulnerability in Check Point Remote Access VPN, stealing Active Directory data to move through victims’ networks. Check Point warns customers of attackers targeting their security gateways using old VPN local accounts with insecure password-only authentication. The company has released hotfixes to block exploitation … Read more