US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking

December 11, 2024 at 05:49AM
The US government has charged Chinese national Guan Tianfeng for his involvement in hacker attacks on Sophos firewalls, compromising around 81,000 devices globally. The attacks exploited zero-day vulnerabilities and were linked to Sichuan Silence Information Technology. Sanctions against Guan and the company were also announced, with rewards offered for information.

Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets

November 27, 2024 at 04:22AM
A Russia-linked hacking group, RomCom, has exploited two recent Firefox and Windows zero-day vulnerabilities to install a backdoor on victims’ machines. Mostly targeting entities in North America and Europe, the group employs sophisticated methods requiring no user interaction, highlighting their capacity for stealthy cyber operations.

400,000 Systems Potentially Exposed to 2023’s Most Exploited Flaws

November 22, 2024 at 06:01AM
A VulnCheck report identifies 15 critical vulnerabilities in various software products, with 400,000 internet-accessible hosts at risk. Eight flaws were exploited as zero-days, some even prior to patch releases. The report highlights significant threat actor activity, recommending organizations enhance risk visibility and patch management to mitigate exposure.

NSO Group used another WhatsApp zero-day after being sued, court docs say

November 15, 2024 at 05:09PM
Israeli firm NSO Group allegedly exploited WhatsApp vulnerabilities to deploy its Pegasus spyware, even after legal actions were initiated. Using various zero-day exploits like “Erised” and “Eden,” NSO’s clients could remotely infiltrate devices. Despite being sanctioned by the U.S., NSO claims limited responsibility for clients’ surveillance actions.

Five Eyes infosec agencies list 2024’s most exploited software flaws

November 14, 2024 at 03:40AM
The UK, US, Canada, Australia, and New Zealand’s cybersecurity agencies released their annual list of the 15 most exploited vulnerabilities, highlighting increased attacks on zero-day exploits. Top entries include vulnerabilities in Citrix, Cisco, and Fortinet, emphasizing the need for prompt patching and secure product design to enhance network defenses.

Citrix, Cisco, Fortinet Zero-Days Among 2023’s Most Exploited Vulnerabilities

November 13, 2024 at 10:54AM
In 2023, many of the most frequently exploited vulnerabilities were initially zero-day vulnerabilities, as reported by government agencies. Notable companies affected included Citrix, Cisco, and Fortinet, highlighting ongoing security challenges organizations face in protecting their systems.

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

November 13, 2024 at 07:15AM
Microsoft’s November 2024 Patch Tuesday addressed 90 security flaws, including two actively exploited vulnerabilities in Windows NTLM and Task Scheduler. Notably, CVE-2024-43451 affects NTLMv2 hash disclosure, while CVE-2024-49039 allows privilege escalation. The update also highlights critical vulnerabilities in Azure CycleCloud and .NET, alongside adopting CSAF for improved vulnerability reporting.

Admins can give thanks this November for dollops of Microsoft patches

November 12, 2024 at 08:32PM
Microsoft’s recent Patch Tuesday update addressed 89 security flaws, including two under active attack. Vulnerabilities CVE-2024-49039 and CVE-2024-43451 enable privilege escalation and account impersonation, respectively. Additionally, severe flaws in Azure and .NET products could lead to remote code execution. CISA highlighted an increase in zero-day exploitations throughout 2023.

2 Zero-Day Bugs in Microsoft’s Nov. Update Under Active Exploit

November 12, 2024 at 05:45PM
Microsoft’s November security update addresses 89 vulnerabilities, including four zero-day bugs actively exploited by attackers. Among these, CVE-2024-43451 allows unauthorized access to NTLMv2 hashes, while CVE-2024-49039 enables privilege escalation. Microsoft also adopted the Common Security Advisory Framework (CSAF) to improve vulnerability disclosure.

Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws

November 12, 2024 at 02:04PM
Microsoft’s November 2024 Patch Tuesday addresses 91 vulnerabilities, including four critical flaws and two actively exploited zero-days. Notable vulnerabilities include NTLM Hash Disclosure and Windows Task Scheduler issues. The update also highlights fixes for other major products and features from various vendors, ensuring enhanced security across systems.