Tag: cve
-
CISA Warns of Progress Kemp LoadMaster Vulnerability Exploitation
CISA is warning organizations that CVE-2024-1212, a Progress Kemp LoadMaster OS command injection vulnerability, is being exploited in attacks. The post CISA Warns of Progress Kemp LoadMaster Vulnerability Exploitation appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-progress-kemp-loadmaster-vulnerability-exploitation/
-
Apple addressed two actively exploited zero-day vulnerabilities
Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. Apple released security updates for two zero-day vulnerabilities, tracked as CVE-2024-44309 and CVE-2024-44308, in iOS, iPadOS, macOS, visionOS, and Safari web browser, which are actively exploited in the wild. The vulnerability CVE-2024-44309 is a cookie management issue…
-
Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)
Apple has released emergency security updates for macOS Sequoia that fix two zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308) that >>may have been actively … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/20/cve-2024-44309-cve-2024-44308/
-
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild.The flaws are listed below -CVE-2024-44308 – A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web contentCVE-2024-44309 – A cookie management…
-
Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation
Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild.The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information.”This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network First seen on…
-
Oracle warns of Agile PLM file disclosure flaw exploited in attacks
Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-warns-of-agile-plm-file-disclosure-flaw-exploited-in-attacks/
-
Unraveling Raspberry Robin’s Layers: Analyzing Obfuscation Techniques and Core Mechanisms
IntroductionDiscovered in 2021, Raspberry Robin (also known as Roshtyak) is a malicious downloader that has circulated in the wild for several years, primarily spreading through infected USB devices. Although USB devices are a common and unremarkable tactic for spreading malware, Raspberry Robin stands out due to its unique binary-obfuscation techniques, extensive use of anti-analysis methods,…
-
AnyDesk für Windows: Schwachstelle CVE-2024-52940 bis Version 8.1.0
In der Fernwartungssoftware AnyDesk für Windows gibt es bis Version 8.1.0 eine Schwachstelle (CVE-2024-52940). Werden in den betroffenen Windows-Versionen von AnyDesk Windows Direktverbindungen zulassen aktiviert, legt die Software versehentlich eine öffentliche IP-Adresse im Netzwerkverkehr offen. Der Angreifer muss die AnyDesk-ID … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/19/anydesk-fuer-windows-schwachstelle-cve-2024-52940-bis-version-8-1-0/
-
Sicherheitsinfos: CISA erweitert Schwachstellenliste (Palo Alto Networks, Progress Kemp) und mehr
Kleiner Sammelbeitrag in Richtung Sicherheit. Die CISA hat gerade ihre Schwachstellenliste um CVEs zu Palo Alto Networks, Progress Kemp (LoadMaster) erweitert und vor einigen Tagen die Liste der 2023 am häufigsten angegriffenen Schwachstellen veröffentlich. Darüber hinaus gibt es Meldungen zu … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/19/sicherheitsinfos-cisa-erweitert-schwachstellenliste-palo-alto-networks-progress-kemp-und-mehr/
-
Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)
Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/19/cve-2024-21287/
-
Palo Alto Patches Firewall Zero-Day Exploited in Operation Lunar Peek
Palo Alto Networks has released patches and CVEs for the firewall zero-days exploited in what the company calls Operation Lunar Peek. The post Palo Alto Patches Firewall Zero-Day Exploited in Operation Lunar Peek appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/palo-alto-patches-firewall-zero-day-exploited-in-operation-lunar-peek/
-
U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of the above vulnerabilities: CVE-2024-1212 is a Progress Kemp LoadMaster…
-
Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was First seen…
-
CISA Alert: Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws
Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged.The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was First seen…
-
Recently disclosed VMware vCenter Server bugs are actively exploited in attacks
Threat actors are actively exploiting two VMware vCenter Server vulnerabilities tracked as CVE-2024-38812 and CVE-2024-38813, Broadcom warns. Broadcom warns that the two VMware vCenter Server vulnerabilities CVE-2024-38812 and CVE-2024-38813 are actively exploited in the wild. >>Updated advisory to note that VMware by Broadcom confirmed that exploitation has occurred in the wild for CVE-2024-38812 and CVE-2024-38813.
-
VMware Discloses Exploitation of HardFix vCenter Server Flaw
The saga of VMWare’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage. The post VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vmware-discloses-exploitation-of-hard-to-fix-vcenter-server-flaw/
-
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been exploited by attackers as … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/18/cve-2024-0012-cve-2024-9474/
-
Palo Alto Networks’ customer migration tool hit by trio of CVE exploits
CISA warned of two critical and actively exploited vulnerabilities in Expedition one week after another CVE came under active exploitation in the same product. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/palo-alto-networks-migration-tool-exploits/733072/
-
Critical Really Simple Security plugin flaw impacts 4M+ WordPress sites
A Really Simple Security plugin flaw affects 4M+ sites, allowing attackers full admin access. It’s one of the most critical WordPress vulnerabilities ever. Wordfence researchers warn of a vulnerability, tracked as CVE-2024-10924 (CVSS Score of 9.8), in the Really Simple Security plugin that affects 4M+ sites. The Really Simple Security plugin, formerly Really Simple SSL, is…
-
GeoVision 0-Day Vulnerability Exploited in the Wild
Tags: authentication, cve, cvss, cyber, cybersecurity, exploit, flaw, injection, vulnerability, zero-dayCybersecurity researchers have detected the active exploitation of a zero-day vulnerability in GeoVision devices, which the manufacturer no longer supports. The vulnerability, now designated as CVE-2024-11120, has been assigned a high-severity CVSS score of 9.8 and used by a sophisticated botnet. The security flaw is a pre-authentication command injection vulnerability, which allows attackers to execute arbitrary…
-
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site.The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The…
-
Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/17/week-in-review-microsoft-patches-actively-exploited-0-days-amazon-and-hsbc-employee-data-leaked/
-
A botnet exploits e GeoVision zero-day to compromise EoL devices
A botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow up. Researchers at the Shadowserver Foundation observed a botnet exploiting a zero-day in GeoVision EOL (end-of-Life) devices to compromise devices in the wild. The GeoVision zero-day, tracked as CVE-2024-11120 (CVSS 9.8), is a pre-auth command injection vulnerability…
-
MSSP Market Update: Microsoft Adds Machine-Readable Files to CVE Releases
First seen on scworld.com Jump to article: www.scworld.com/news/mssp-market-update-microsoft-adds-machine-readable-files-to-cve-releases
-
Exchange 2016/2019 warnen nun vor Ausnutzung der Spoofing-Schwachstelle CVE-2024-49040 in E-Mails
Mit dem Sicherheitsupdate vom November 2024 hat Microsoft seine Exchange 2016- und Exchange 2019-Server mit einer neuen Funktion versehen. Microsoft Exchange warnt nun bei empfangen zu E-Mails, die eine Spoofing-Schwachstelle (Exchange Server non-RFC compliant P2 FROM header detection) ausnutzen. Einziges … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/16/exchange-2016-2019-warnen-nun-vor-ausnutzung-einer-spoofing-schwachstelle-in-e-mails/
-
Schwachstelle in CrushFTP; aktualisieren
Kurzer Hinweis an Nutzer, die CrushFTP verwenden. Ein Blog-Leser hat mich darüber informiert, dass dort eine gravierende Schwachstelle entdeckt worden sei (öffentlich gemacht am 11. November 2024). Es gibt aber Updates, bei denen diese Schwachstelle, für die noch kein CVE … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/15/schwachstelle-in-crushftp-aktualisieren/
-
Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely
A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious actors to remotely compromise affected devices. The vulnerability, identified as CVE-2024-11237, affects TP-Link VN020 F3v(T) routers running firmware version TT_V6.2.1021, which are primarily deployed through Tunisie Telecom and Topnet ISPs. Similar variants of the router used in Algeria and Morocco are…
-
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog. The post CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-warns-of-two-more-palo-alto-expedition-flaws-exploited-in-attacks/
-
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/15/cve-2024-9463-cve-2024-9465/