December 13, 2024 at 12:57PM A critical vulnerability (CVE-2024-54143) in OpenWrt’s Attended Sysupgrade could allow attackers to inject malicious firmware by exploiting command injection and hash collision issues. Patched in version 920c8a1, the flaw poses a severe supply chain risk as no authentication is required for exploitation. Users are urged to update immediately. ### Meeting … Read more
December 12, 2024 at 05:30AM Threat actors are exploiting vulnerabilities in the Hunk Companion and WP Query Console WordPress plugins for backdoor access to websites. The Hunk Companion flaw (CVE-2024-9707) allows unauthorized plugin installation, while WP Query Console (CVE-2024-50498) poses a remote code execution risk. Administrators should update to Hunk Companion version 1.9.0 immediately. ### … Read more
December 10, 2024 at 02:45PM Ivanti has alerted customers about a severe authentication bypass vulnerability (CVE-2024-11639) in its Cloud Services Appliance, allowing attackers to gain admin access remotely. Users should upgrade to CSA 5.0.3. The company also patched other vulnerabilities but found no evidence of exploitation prior to disclosure. **Meeting Takeaways: Ivanti Security Advisory Update** … Read more
December 4, 2024 at 08:19AM CISA warned of a high-severity vulnerability (CVE-2024-11667) in Zyxel firewall devices, exploited in the wild, allowing unauthorized file access. Zyxel issued patches, but users must change passwords for complete protection. CISA urges federal agencies to update their systems by December 24 and recommends all organizations to follow suit. ### Meeting … Read more
November 26, 2024 at 08:27AM America’s Cyber Defense Agency has identified hackers exploiting a remote code execution vulnerability in SSL VPN products from Array Networks AG and vxAG ArrayOS. **Meeting Takeaways:** 1. **Subject Matter:** America’s Cyber Defense Agency (ACDA) is addressing a significant security threat. 2. **Vulnerability Identified:** There is a remote code execution vulnerability … Read more
November 18, 2024 at 03:41PM A critical flaw in the Really Simple Security WordPress plug-in, affecting over 4 million sites, allows attackers to bypass authentication and gain administrative access. Rated 9.8 on the CVSS scale, the vulnerability has been patched in version 9.1.2. Users are urged to confirm updates to protect their sites. ### Meeting … Read more
November 18, 2024 at 09:34AM Discontinued GeoVision video surveillance products are facing botnet attacks due to a critical zero-day vulnerability (CVE-2024-11120). This flaw allows remote attackers to execute commands without authentication. The affected models, now unsupported, include GV-VS12 and GV-VS11. Users are urged to replace these devices to mitigate risks. ### Meeting Notes Takeaways: 1. … Read more
November 15, 2024 at 09:45AM Palo Alto Networks has identified a critical zero-day vulnerability, tracked as ‘PAN-SA-2024-0015,’ in Next-Generation Firewalls’ management interfaces. This vulnerability is actively being exploited in attacks, prompting urgent attention and action from affected users to mitigate potential risks. **Meeting Notes Takeaways:** 1. **Vulnerability Warning**: Palo Alto Networks has issued a warning … Read more
November 14, 2024 at 05:07PM A vulnerability in the PL/Perl extension of PostgreSQL (CVE-2024-10979) allows users to set arbitrary environment variables, scoring a CVSS 8.8. It can lead to severe security issues such as arbitrary code execution. Affected versions require updates to mitigate risks and should prompt users to review function creation logs. ### Meeting … Read more
November 11, 2024 at 06:10AM D-Link has alerted users about a critical command injection vulnerability in several discontinued NAS models, leaving them exposed to remote attacks. This emphasizes the importance of maintaining security awareness for legacy devices. **Meeting Takeaways:** 1. **Vulnerability Alert**: D-Link has identified a critical-severity command injection vulnerability. 2. **Affected Products**: The issue … Read more