Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug

December 11, 2024 at 05:52PM The US government has charged Chinese national Guan Tianfeng with hacking roughly 81,000 Sophos firewall devices worldwide in 2020 by exploiting a zero-day vulnerability, CVE-2020-12271. An arrest warrant has been issued, and the State Department is offering a reward of up to $10 million for information about him and his operations in China.

New Cleo zero-day RCE flaw exploited in data theft attacks

December 10, 2024 at 10:11AM Attackers are exploiting a zero-day vulnerability in Cleo's managed file transfer software to break into corporate networks and steal data. Managed file transfer servers hold exactly the data attackers want, so organizations running Cleo should treat this as urgent: follow the vendor's guidance as it is issued, limit the software's exposure to the internet, and hunt for signs of compromise.

Mitel MiCollab zero-day flaw gets proof-of-concept exploit

December 5, 2024 at 10:41AM A zero-day vulnerability in Mitel MiCollab allows unauthorized file access on affected servers. watchTowr, which discovered the flaw, has published a proof-of-concept exploit after the bug remained unpatched at the end of the 90-day disclosure window. Mitel plans to ship a fix in December 2024; until then, users are urged to restrict access to MiCollab and monitor for suspicious activity.

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

November 21, 2024 at 02:47PM Attackers have compromised more than 2,000 Palo Alto Networks firewalls by chaining two recently patched zero-day vulnerabilities in the PAN-OS management web interface: an authentication bypass (CVE-2024-0012) and a privilege escalation (CVE-2024-9474). Patches are available, so the priority for affected organizations is to update and to keep the management interface off the internet.

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

November 16, 2024 at 02:24AM A threat actor tracked as BrazenBamboo has exploited an unpatched vulnerability in Fortinet's FortiClient for Windows to extract VPN credentials from the client's memory, using a tool called DEEPDATA. Volexity, which discovered the activity, describes DEEPDATA as a modular post-exploitation framework used in cyber espionage, with components that collect data from various communication platforms and exfiltrate it.

Mystery Palo Alto Networks hijack-my-firewall zero-day now officially under exploit

November 15, 2024 at 04:19PM A critical zero-day vulnerability in the Palo Alto Networks firewall management interface allows unauthenticated attackers to execute code remotely. It carries a CVSS score of 9.3 and, as of this report, has no patch. Palo Alto Networks advises restricting access to the management interface to trusted internal addresses. Other vulnerabilities in the company's products have also been identified, and fixes for those are available.

Samsung Zero-Day Vuln Under Active Exploit, Google Warns

October 22, 2024 at 05:38PM A high-severity zero-day vulnerability (CVE-2024-44068) in Samsung mobile processors allows arbitrary code execution. The flaw, a use-after-free in the m2m scaler driver, has a CVSS score of 8.1 and was patched in Samsung's October 2024 update. The Google researchers who reported it say the in-the-wild exploit chain uses the bug for privilege escalation and takes anti-forensic measures to cover its tracks.

Qualcomm patches high-severity zero-day exploited in attacks

October 7, 2024 at 02:35PM Qualcomm has released security patches for a zero-day vulnerability (CVE-2024-43047) in its Digital Signal Processor (DSP) service, a use-after-free weakness that has been exploited in targeted attacks. The bug was reported by Google Project Zero and Amnesty International's Security Lab. Qualcomm urges device makers to deploy the update immediately; the same bulletin also fixes another severe vulnerability.

Rackspace monitoring data stolen in ScienceLogic zero-day attack

October 1, 2024 at 03:35PM Rackspace suffered a data breach through a zero-day vulnerability in a third-party ScienceLogic monitoring tool used in its environment. ScienceLogic promptly developed a patch and distributed it to affected customers. The breach exposed a limited amount of customer monitoring data; Rackspace rotated the credentials involved and notified customers. Whether the stolen data has been used in follow-on attacks is not yet known.

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

September 17, 2024 at 03:21PM VMware, now owned by Broadcom, has released patches for two vulnerabilities in vCenter Server that were demonstrated at a Chinese hacking contest. CVE-2024-38812 is a critical-severity flaw that can lead to remote code execution, and CVE-2024-38813 is a privilege escalation vulnerability. Both affect vCenter Server and VMware Cloud Foundation; there are no workarounds, so patching is the only fix.