Check Point releases emergency fix for VPN zero-day exploited in attacks

May 29, 2024 at 09:34AM Check Point releases hotfixes for a VPN zero-day exploited in attacks targeting remote access to firewalls and corporate networks. The vulnerability (CVE-2024-24919) affects Check Point Security Gateways and impacts various product versions. Security updates have been issued, and installation instructions provided. A remote access validation script is available to review results …

Exploit released for maximum severity Fortinet RCE bug, patch now

May 28, 2024 at 12:25PM Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet’s FortiSIEM solution, impacting versions 6.4.0 and higher. Tracked as CVE-2024-23108, the flaw enables remote command execution as root without authentication. This PoC exploit could allow attackers to execute unauthorized commands and must be addressed promptly to …

Google fixes eighth actively exploited Chrome zero-day this year

May 24, 2024 at 05:36AM Google has released a new emergency security update for Chrome to address the eighth actively exploited zero-day vulnerability. Tracked as CVE-2024-5274, the high-severity ‘type confusion’ flaw in V8, Chrome’s JavaScript engine, can lead to crashes and data corruption. The fix is available for Windows and Mac, with updates for Linux …

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

May 23, 2024 at 01:39PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw affecting Apache Flink to the Known Exploited Vulnerabilities catalog due to active exploitation. Tracked as CVE-2020-17519, the issue allows unauthorized access to sensitive information. Federal agencies are advised to apply the latest fixes by June 13, 2024, to …

Veeam says critical flaw can’t be abused to trash backups

May 23, 2024 at 10:41AM Veeam addressed a critical vulnerability in its Backup Enterprise Manager, CVE-2024-29849, which could allow unauthorized access to the VBEM web interface. Although attackers could log in as any user, Veeam confirmed that the flaw wouldn’t lead to backups being deleted due to the immutable backups and authorization measures. Customers are …

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

May 23, 2024 at 05:39AM Ivanti has released fixes for multiple critical security flaws in Endpoint Manager (EPM), addressing SQL injection vulnerabilities and high-severity security flaws in other products. Additionally, a critical flaw in the open-source Genie federated Big Data orchestration and execution engine has been disclosed, posing a risk for remote code execution. The …

Novel EDR-Killing ‘GhostEngine’ Malware Is Built for Stealth

May 22, 2024 at 10:20AM A new malware named GhostEngine has been identified, targeting vulnerable drivers to disable endpoint detection and response solutions. It is used in a complex cryptomining campaign by an intrusion set labeled “REF4578.” The malware’s intricate features include disabling EDR, establishing persistence, installing a backdoor, and executing a cryptominer. Detection methods …

Chrome 125 Update Patches High-Severity Vulnerabilities

May 22, 2024 at 06:30AM Google announced the release of a Chrome 125 update addressing six vulnerabilities, including four high-severity bugs reported by external researchers. The update resolves issues such as a use-after-free flaw, a type confusion bug in the V8 JavaScript engine, and heap buffer overflow problems. Google has paid out bug bounty rewards ranging from $5,000 to …

MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks

May 22, 2024 at 03:50AM Unknown threat actors are exploiting security flaws in Microsoft Exchange Server to deploy keylogger malware targeting African and Middle Eastern entities. Russian cybersecurity firm Positive Technologies identified over 30 victims, including government agencies, banks, and IT companies, with the first compromise dating back to 2021. The attack chains commence …

QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances

May 22, 2024 at 01:33AM QNAP has addressed medium-severity security flaws in its QTS and QuTS hero, including permissions, code execution, and buffer overflow vulnerabilities. Fixes have been released, credited to Aliz Hammond of watchTowr Labs. Although some issues remain outstanding, QNAP has committed to improving coordination with researchers and enhancing security measures for its …