Tag: cve
-
CISA Warns of Actors Exploiting Two Palo Alto Networks Vulnerabilities
Tags: cisa, cve, cyber, cybersecurity, exploit, infrastructure, kev, malicious, network, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert and added two new vulnerabilities related to Palo Alto Networks to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, CVE-2024-9463 and CVE-2024-9465, are reportedly actively exploited by malicious cyber actors. CISA emphasizes that both vulnerabilities pose significant risks, particularly to federal systems. CVE-2024-9463: Palo…
-
High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables
Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure.The vulnerability, tracked as CVE-2024-10979, carries a CVSS score of 8.8.Environment variables are user-defined values that can allow a program First seen on thehackernews.com…
-
Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices
The exploitation of the recently disclosed ‘won’t fix’ issue CVE-2024-10914 in legacy D-Link NAS devices began days after its disclosure. Days after D-Link announced it wouldn’t patch a critical vulnerability, tracked as CVE-2024-10914 (CVSS score of 9.8), in legacy D-Link NAS devices, that threat actors started attempting to exploit. The vulnerability CVE-2024-10914 is a command…
-
NIST Clears Backlog of Known Security Flaws but Not All Vulnerabilities
NIST, the embattled agency that analyzes security vulnerabilities, has cleared the backlog of known CVEs that hadn’t been processed but needs more time to clear the entire backlog of unanalyzed flaws. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/nist-clears-backlog-of-known-security-flaws-but-not-all-vulnerabilities/
-
Citrix Session Recording users warned of CVEs that allow hackers to gain control
Security researchers at watchTowr discovered the flaw and claim attackers can gain access without authentication, a finding which Citrix disputes. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/citrix-session-recording-cves-hackers/732794/
-
NIST is chipping away at NVD backlog
The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/14/nist-nvd-backlog/
-
NIST Explains Why It Failed to Clear CVE Backlog
NIST says all known exploited CVEs in the backlog have been addressed, but admitted that clearing the entire backlog by October was optimistic. The post NIST Explains Why It Failed to Clear CVE Backlog appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/nist-explains-why-it-failed-to-clear-cve-backlog/
-
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild.The vulnerability, tracke… First seen on thehackernews.com Jump to article: thehackernews.com/2024/11/google-warns-of-actively-exploited-cve.html
-
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)
CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/14/cve-2024-43451-exploited/
-
Google to Issue CVEs for Critical Cloud Vulnerabilities
Google Cloud has announced a significant step forward in its commitment to transparency and security by stating it will begin issuing Common Vulnerabilities and Exposures (CVEs) for critical vulnerabilities found in its cloud services. This move, which underscores Google’s dedication to helping enterprises and government agencies protect against potential security threats, is set to enhance…
-
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails
A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It was…
-
Right-Click to Hack: Zero-Day CVE-2024-43451 Vulnerability Targets Windows Users
ClearSky Cyber Security has uncovered a new zero-day vulnerability, CVE-2024-43451, actively exploited in the wild, targeting Windows systems primarily in Ukraine. This flaw enables attackers to exploit URL files for... First seen on securityonline.info Jump to article: securityonline.info/right-click-to-hack-zero-day-cve-2024-43451-vulnerability-targets-windows-users/
-
Google Cloud to Assign CVEs to Critical Vulnerabilities
Google Cloud will be assigning CVE identifiers to serious cloud vulnerabilities, even ones that don’t require patching. The post Google Cloud to Assign CVEs to Critical Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-cloud-to-assign-cves-to-critical-vulnerabilities/
-
Zero-days from top security vendors were most exploited CVEs in 2023
The top five vulnerabilities exploited by attackers last were found in security gear from Citrix, Cisco and Fortinet, the Five Eyes’ cyber agencies found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/security-vendors-zero-days-top-cve-exploits/732814/
-
Zoom addressed two high-severity issues in its platform
Zoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Zoom addressed six vulnerabilities in its video conferencing and communication platform. Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information.…
-
Internet-Explorer-Schwachstelle kann zu einem totalen Verlust der Vertraulichkeit führen
‘CVE-2024-43451 nutzt die Überreste der MSHTML-Komponente von Internet-Explorer über die Web-Browser-Steuerung aus. Diese Schwachstelle ermöglicht es Angreifern, den NTLMv2-Hash eines Benutzers mit minimaler Interaktion zu erfassen, z. B. durch einen einzigen Klick oder einen Rechtsklick auf eine bösartige Datei. Der Besitz dieses Hashes ermöglicht es Angreifern, sich als Benutzer zu authentifizieren, was zu unbefugtem Zugriff…
-
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which CVE-2024-43451 and CVE-2024-49039 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/12/cve-2024-43451-cve-2024-49039/
-
Critical Veeam CVE targeted by new ransomware variant
Multiple ransomware variants are now targeting the CVE, which has a CVSS of 9.8. For customers, the risk of exploitation is only increasing. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/veeam-cve-exploit-frag-ransomware/732670/
-
HPE Issues Urgent Patches for Critical Vulnerabilities in Aruba Networking Access Points
Hewlett Packard Enterprise (HPE) has issued critical security patches to address several vulnerabilities affecting its Aruba Networking Access Point products. These vulnerabilities (CVE-2024-42509 and CVE-2024-47460), including two particularly severe flaws, could allow unauthenticated attackers to execute arbitrary commands remotely, potentially compromising the security of affected systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hpe-security-patches-cve-2024-42509/
-
Amazon Confirms Employee Data Breach Via Third-party Vendor
Amazon has confirmed that sensitive employee data was exposed due to a breach at a third-party vendor. The breach arose from exploiting a critical vulnerability in MOVEit, a widely used file transfer software. The vulnerability, first reported in mid-2023 under the code CVE-2023-34362, has been linked to a massive leak of corporate information affecting multiple…
-
CVE-2024-42028 gefährdet selbst gehostete Server – Kritische Sicherheitslücke in Ubiquiti Unifi Network Server
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecke-unifi-network-application-a-7a7c66c7a2f604b2024e59a1efe28507/
-
DEF CON 32 Outlook Unleashing RCE Chaos CVE 2024 30103
Authors/Presenters: Michael Gorelik, Arnold Osipov Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/def-con-32-outlook-unleashing-rce-chaos-cve-2024-30103/
-
New Remcos RAT Variant Targets Windows Users Via Phishing
The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/remcos-rat-variant-targets-windows/
-
Veeam Backup Replication exploit reused in new Frag ransomware attack
A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerabilityCVE-2024-40711in Veeam Backup & Replication to create rogue accounts and deploy malware. In early September 2024, Veeamreleasedsecurity updates to address multiple vulnerabilities impacting…
-
Understand CVE vs CVSS for Improved Cybersecurity
CWEs and CVEs have similarities and differences. Understanding both can help you keep your organization secure. Staying ahead of vulnerabilities is critical for any cybersecurity pro tasked with protecting an organization’s assets and data in a constantly shifting threat landscape. The Common Vulnerabilities and Exposures (CVE) system and the Common Vulnerability Scoring System (CVSS) are……
-
Oracle WebLogic Server Remote Code Execution Vulnerability (CVE-2024-21216)
Overview Recently, NSFOCUS CERT detected that Oracle issued a security announcement and fixed the deserialization vulnerability in WebLogic Server (CVE-2024-21216). Since WebLogic does not strictly filter incoming data through the T3/IIOP protocol, when the T3/IIOP protocol is enabled, an unauthenticated remote attacker sends a special request to the server through the T3/IIOP protocol to execute…The…
-
Ivanti zero-day vulnerabilities exploited in chained attack
The new exploit chains targeting Ivanti Cloud Service Application customers are connected to a previously disclosed critical path traversal flaw, CVE-… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366613041/Ivanti-zero-day-vulnerabilities-exploited-in-chained-attack