Apple Security Bug Opens iPhone, iPad to RCE

March 26, 2024 at 04:53PM
CVE-2024-1580 enables remote attackers to execute arbitrary code on impacted devices. This is a critical issue that warrants immediate attention and action to mitigate potential security risks.

Hackers exploit Ray framework flaw to breach servers, hijack resources

March 26, 2024 at 02:58PM
The “ShadowRay” hacking campaign exploits an unpatched vulnerability in the Ray open-source AI framework, targeting various industries. Anyscale revealed five related vulnerabilities, including a critical flaw that lacks authentication and is actively exploited. This leads to data breaches and misuse of computing power, emphasizing the need for secured environments and …

Patch Now: Critical Fortinet RCE Bug Under Active Attack

March 26, 2024 at 11:15AM
A recent proof-of-concept exploit has led to attacks on a critical vulnerability, prompting CISA to prioritize urgent patching. CISA has flagged it as a critical issue …

Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks

March 26, 2024 at 06:42AM
The US cybersecurity agency, CISA, warns about the exploitation of CVE-2023-48788, a critical SQL injection bug affecting Fortinet’s FortiClient EMS. Patches have been released, and the vulnerability has been added to CISA’s Known Exploited Vulnerabilities catalog. Concerns also extend to another vulnerability, CVE-2021-44529, affecting Ivanti Endpoint Manager.

CISA Seeks to Curtail ‘Unforgivable’ SQL Injection Defects

March 25, 2024 at 02:11PM
CISA, in collaboration with the FBI, aims to reduce the spread of a common type of software vulnerability. This joint alert …

AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking

March 22, 2024 at 10:03AM
Cybersecurity researchers detailed a security vulnerability in AWS Managed Workflows for Apache Airflow, named FlowFixation by Tenable, that AWS has now fixed. It could allow a threat actor to hijack sessions, achieve code execution, and perform same-site attacks, impacting AWS, Azure, and Google Cloud. Both AWS and Azure have addressed …

NVD slowdown leaves thousands of vulnerabilities without analysis data

March 22, 2024 at 09:53AM
NIST has drastically reduced the analysis of Common Vulnerabilities and Exposures (CVEs) in the National Vulnerability Database, posing challenges for IT security professionals. The organization’s budget cuts and workload are suspected reasons. The cybersecurity community is concerned about the impact, although alternative sources like Open Source Vulnerabilities are available. …

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

March 22, 2024 at 08:33AM
A China-linked threat group used security flaws in Connectwise ScreenConnect and F5 BIG-IP to distribute custom malware for creating backdoors on compromised Linux hosts. The group, tracked as UNC5174, has targeted various organizations, including research institutions and government entities in the U.S. and U.K. They have also been observed trying …

Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects

March 22, 2024 at 08:33AM
The Sign1 malware campaign has compromised 39,000 WordPress sites in six months, using malicious JavaScript injections to redirect users to scam sites. The recent variant infected 2,500 sites in the last two months alone. The campaign employs rogue JavaScript injected into legitimate HTML widgets and plugins, with time-based randomization to …

Exploit released for Fortinet RCE bug used in attacks, patch now

March 21, 2024 at 11:18AM
Security researchers have released a PoC exploit for a critical SQL injection vulnerability in Fortinet’s FortiClient EMS. Tracked as CVE-2023-48788, it impacts versions 7.0 and 7.2, allowing unauthenticated threat actors to gain RCE with SYSTEM privileges. With Horizon3’s PoC, attackers can modify it to use Microsoft SQL Server xp_cmdshell for …