CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

February 13, 2024 at 03:16PM The Water Hydra threat group exploited a zero-day in Microsoft Defender SmartScreen (CVE-2024-21412) to target financial market traders. The Trend Micro Zero Day Initiative discovered the flaw and disclosed it to Microsoft, which coordinated a fix in its February 2024 Patch Tuesday release. The group had used similar tactics in a separate campaign against traders, and its attack patterns reflect high levels … Read more

Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 74 flaws

February 13, 2024 at 02:08PM The release notes list the fixed vulnerabilities by CVE ID, title, and severity rating across Microsoft products and services, including .NET, Azure Active Directory, Azure DevOps, and Microsoft Edge. Windows components covered include Hyper-V, Internet Connection Sharing, the kernel, LDAP, and Message Queuing. The two actively exploited zero-days, CVE-2024-21412 and CVE-2024-21351, are both security-feature bypasses of SmartScreen protections. … Read more

Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor

February 13, 2024 at 08:27AM A recently disclosed vulnerability in Ivanti's VPN appliances has been exploited to deploy a new backdoor dubbed 'DSLog', which lets attackers execute commands on the device via crafted web requests. SecurityWeek reported the backdoor's use following exploitation of the flaw. This backdoor allows … Read more

CISA Warns of Roundcube Webmail Vulnerability Exploitation

February 13, 2024 at 06:33AM CISA has added the Roundcube Webmail flaw CVE-2023-43770 to its Known Exploited Vulnerabilities (KEV) catalog, which signals confirmed in-the-wild exploitation rather than a theoretical risk. SecurityWeek reported the addition. … Read more

Alert: CISA Warns of Active ‘Roundcube’ Email Attacks – Patch Now

February 12, 2024 at 11:57PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a medium-severity security flaw affecting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2023-43770, the persistent cross-site scripting (XSS) flaw in Roundcube Webmail allows information disclosure via malicious link references in messages. Agencies are mandated to apply fixes by … Read more

Rhysida Ransomware Cracked, Free Decryption Tool Released

February 12, 2024 at 08:39AM Cybersecurity researchers at Kookmin University and the Korea Internet and Security Agency (KISA) have found an implementation flaw in the Rhysida ransomware's encryption scheme that enables the first successful recovery of files it has encrypted without paying the ransom. The findings led to a free recovery tool distributed by KISA. The … Read more

Ivanti discloses fifth vulnerability, doesn’t credit researchers who found it

February 9, 2024 at 04:36PM Ivanti disclosed a new vulnerability in its gateways and credited the find to an internal review, which surprised the researchers who say they reported it first. watchTowr disputes the attribution and has published evidence that it notified Ivanti beforehand. The high-severity flaw affects a limited set of versions and requires patching or mitigation. The run of recent security issues has prompted advisories from CISA and the UK's NCSC. … Read more

Ivanti Patches High-Severity Vulnerability in VPN Appliances

February 9, 2024 at 04:09PM Ivanti announced patches for a high-severity vulnerability, CVE-2024-22024, affecting its enterprise VPN and network access products. The XML external entity (XXE) issue in the SAML component of Connect Secure, Policy Secure, and ZTA gateways could allow an unauthenticated attacker to access restricted resources. Fixes are included in new releases for each affected product line. No evidence … Read more

Fortinet Warns of New FortiOS Zero-Day

February 9, 2024 at 04:09PM Fortinet has released critical patches for a remote code execution vulnerability, tracked as CVE-2024-21762, in FortiOS versions 6.0, 6.2, 6.4, 7.0, 7.2, and 7.4. FortiOS 7.6 is unaffected. Because the 6.0 branch is end-of-life, Fortinet advises migrating off it to a fixed release rather than waiting for a patch. Disabling SSL VPN entirely is the only supported workaround; disabling web mode alone does not mitigate the vulnerability. The Chinese … Read more

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

February 8, 2024 at 06:14PM Fortinet warns of a critical remote code execution vulnerability (CVE-2024-21762, advisory FG-IR-24-015) in the FortiOS SSL VPN component, rated CVSS 9.6. All unpatched versions of the affected branches are vulnerable, and the advisory lists the fixed release to upgrade to for each branch. Those unable to patch immediately can mitigate by disabling SSL VPN. Fortinet states the flaw is potentially being exploited in the wild, so urgent device updates are advised due to the high severity and possible … Read more