Tag: cve
-
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-keriocontrol-firewall-flaw-to-steal-admin-csrf-tokens/
-
Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers
CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/08/mitel-micollab-oracle-weblogic-server-vulnerabilities-exploited-by-attackers/
-
Critical Vulnerabilities in Moxa Routers Allow Root Privilege Escalation
Critical security vulnerabilities have been found in Moxa cellular routers and network security appliances. Learn about CVE-2024-9138 &… First seen on hackread.com Jump to article: hackread.com/moxa-reports-critical-industrial-router-vulnerabilities/
-
1000’s Of SonicWall Devices Remain Vulnerable To CVE-2024-40766
A recent investigation revealed that the Akira and Fog ransomware groups are actively exploiting the SonicWall NSA vulnerability (CVE-2024-40766) to compromise organizations. As of December 23, 2024, over 100 companies are suspected to have been victimized by these groups through this vulnerability. Despite the disclosure in September 2024, a significant number of devices, exceeding 48,933,…
-
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow an attacker…
-
Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cisa-third-party-data-breach-limited-treasury-dept
-
Moxa router flaws pose serious risks to industrial environmets
Moxa warns of two flaws in its routers and security appliances that enable privilege escalation and remote command execution. Moxa addressed privilege escalation and OS command injection vulnerabilities in cellular routers, secure routers, and network security appliances. Below are the descriptions for both vulnerabilities: Moxa released firmware updates to address vulnerabilities CVE-2024-9140 and CVE-2024-9138. Affected…
-
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers
Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution.The list of vulnerabilities is as follows -CVE-2024-9138 (CVSS 4.0 score: 8.6) – A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain First seen…
-
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Tags: ai, api, apt, attack, bug-bounty, business, chatgpt, cloud, computing, conference, credentials, cve, cyber, cybercrime, cyberespionage, cybersecurity, data, defense, detection, email, exploit, finance, firewall, flaw, framework, github, government, group, guide, hacker, hacking, incident response, injection, LLM, malicious, microsoft, open-source, openai, penetration-testing, programming, rce, RedTeam, remote-code-execution, service, skills, software, sql, tactics, threat, tool, training, update, vulnerability, waf, zero-dayGenerative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise.Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and writing…
-
Windows LDAP Denial of Service Vulnerability (CVE-2024-49113) Alert
Overview Recently, NSFOCUS CERT detected that the details of Windows LDAP remote code execution vulnerability (CVE-2024-49113) were disclosed. Due to an out-of-bounds read vulnerability in wldap32.dll of Windows LDAP service, an unauthenticated attacker can induce a target server (as an LDAP client) to initiate a query request to a malicious LDAP server controlled by the…The…
-
Open source vulnerability scanner found with a serious vulnerability in its own code
A widely popular open-source tool, Nuclei, used for scanning vulnerabilities and weaknesses in websites, cloud applications, and networks is found to have a high-severity flaw that could potentially allow attackers to execute malicious codes on local systems.The flaw tracked as CVE-2024-43405 is assigned a CVSS score of 7.4 out of 10 and is said to…
-
PoC Exploit Released for Critical OpenSSH Vulnerability (CVE-2024-6387)
An alarming new development emerged in the cybersecurity landscape with the release of a proof-of-concept (PoC) exploit targeting the critical vulnerability identified as CVE-2024-6387. This vulnerability, discovered by researchers at Qualys, allows remote unauthenticated attackers to execute arbitrary code on vulnerable OpenSSH servers, posing a significant risk to users relying on this widely utilized protocol…
-
Windows Registry Privilege Escalation Vulnerability PoC Released
Researchers have released a proof of concept (PoC) exploit for a critical privilege escalation vulnerability affecting Microsoft Windows. This vulnerability, CVE-2024-43452, allows attackers to gain elevated privileges on a compromised system, potentially leading to unchecked access to sensitive data and critical system resources. Vulnerability Details The Windows Registry database stores configuration settings and options for…
-
Privacy Roundup: Week 1 of Year 2025
Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
-
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code.Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than 3.0.0.”The…
-
Critical Windows LDAP flaw could lead to crashed servers, RCE attacks
Researchers have published a proof-of-concept exploit for a pair of Windows Lightweight Directory Access Protocol (LDAP) flaws that could lead to server crashes or remote code execution (RCE) on Windows servers.”Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational computer networks,” noted researchers at security firm SafeBreach, who…
-
Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability
Proof-of-concept (PoC) code was published for CVE-2024-49113, a denial-of-service (DoS) vulnerability in Windows LDAP. The post Exploit Code Published for Potentially Dangerous Windows LDAP Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/exploit-code-published-for-potentially-dangerous-windows-ldap-vulnerability/
-
LDAPNightmare, a PoC exploit targets Windows LDAP flaw CVE-2024-49113
Experts warn of a new PoC exploit, LDAPNightmare, that targets a Windows LDAP flaw (CVE-2024-49113), causing crashes & reboots. The vulnerability CVE-2024-49113 (CVSS score of 7.5), named LDAPNightmare, is a Windows Lightweight Directory Access Protocol (LDAP) Denial of Service flaw that was discovered by the researcher Yuki Chen. An attacker can exploit the now-patched vulnerability to…
-
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition.The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 ( First seen…
-
CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild
Tags: cisa, cve, cyber, cybersecurity, dns, exploit, flaw, infrastructure, network, risk, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical vulnerability in Palo Alto Networks PAN-OS. Tracked as CVE-2024-3393, this flaw has been observed in active exploitation, putting systems at risk of remote disruption. CVE-2024-3393: Malformed DNS Packet Vulnerability This vulnerability stems from improper parsing and logging of malformed DNS…
-
Top CVEs Vulnerabilities of December 2024
When it comes to cybersecurity, it’s not just the technology that evolves, it’s the threats too. Every month brings its own set of challenges, and December 2024 has been no… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/top-cves-vulnerabilities-of-december-2024/
-
TrueNAS CORE Vulnerability Let Attackers Execute Remote Code
Security researchers Daan Keuper, Thijs Alkemade, and Khaled Nassar from Computest Sector 7 disclosed a critical vulnerability in TrueNAS CORE, a widely-used open-source storage operating system developed by iXsystems. The vulnerability, CVE-2024-11944, allows network-adjacent attackers to execute arbitrary code on affected installations without requiring authentication. This discovery was presented during the renowned cybersecurity competitionPwn2Own. 2024…
-
Critical Apache Vulnerabilities: Update Now to Avoid Major Risks
The Cyber Security Agency of Singapore has issued a warning about several critical vulnerabilities found in Apache software products. The Apache Software Foundation has rolled out security patches addressing these vulnerabilities, which could pose risks to users and organizations relying on these tools. Among the affected vulnerabilities are CVE-2024-43441, CVE-2024-45387, and CVE-2024-52046. First seen on…
-
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck.The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36.The severity of the shortcoming is lower due to the fact…
-
Researchers warn of active exploitation of critical Apache Struts 2 flaw
Exploitation activity was observed about a week after the CVE was disclosed.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/active-exploitation-apache-struts-2-flaw/736199/
-
Hackers exploit DoS flaw to disable Palo Alto Networks firewalls
Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-dos-flaw-to-disable-palo-alto-networks-firewalls/
-
Palo Alto Networks Vulnerability Puts Firewalls at Risk of DoS Attacks
A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto Networks’ PAN-OS software. This flaw allows unauthenticated attackers to exploit firewalls through specially crafted packets, causing denial-of-service (DoS) conditions. The issue has been actively exploited, prompting urgent mitigation measures. Details of the Vulnerability The vulnerability stems from improper handling of…