Alert

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such as remote code execution and privilege escalation. Applies to the following Sophos product(s) and version(s): Sophos Firewall v21.0 GA and earlier No action is needed for Sophos Firewall customers who …

Kaspersky’s Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient EMS, affecting versions 7.0.1 to 7.0.10 and 7.2.0 to 7.2.2. Even with available patches, many systems remain unupdated, allowing unauthorized code execution and compromise of networks. According to the report, …

A newly found zero-day vulnerability lets attackers steal NTLM credentials by manipulating targets into opening a malicious file in Windows Explorer. The 0patch team found a flaw and reported it to Microsoft, but no official fix has been released yet. 0patch reports that the issue affects all Windows versions from …

On December 5, 2024, CISA issued two advisories regarding Industrial Control Systems (ICS). These advisories highlight current security issues, vulnerabilities, and exploits in ICS. Vulnerabilities found in AutomationDirect’s C-More EA9 Programming Software and Planet Technology’s WGS-804HPT switch could severely threaten critical infrastructure if exploited. ICSA-24-340-01 AutomationDirect C-More EA9 Programming Software: …

Multiple vulnerabilities found in I-O DATA routers UD-LT1 and UD-LT1/EX are being actively exploited. JPCERT/CC, a Japanese cybersecurity organization, has warned that these issues could lead to serious attacks, including credential theft, command execution, and total firewall bypass. “The developer states that attacks exploiting these vulnerabilities have been observed,” warns …

National Security Agency (NSA), The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) jointly published guideline to enhanced visibility and hardening guidance for communications infrastructure providing best practices to protect against PRC affiliated threat actor. According to the guideline above mentioned threat actor has compromised networks …

CISA has issued an alert about three critical security vulnerabilities that are currently being exploited. These issues are now part of CISA’s Known Exploited Vulnerabilities (KEV) catalog and require urgent action from organizations and individuals to avoid potential risks. Vulnerability Breakdown: CVE-2023-45727 (CVSS 7.5): A vulnerability in Proself Enterprise/Standard Edition, …

Cisco has released an updated security advisory about CVE-2014-2120, a vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software. This flaw, disclosed in 2014, allows unauthenticated remote attackers to perform cross-site scripting (XSS) attacks on WebVPN users. The advisory highlights that this vulnerability is currently being …

IBM revealed several critical vulnerabilities in its Security Verify Access Appliance, which could pose serious security risks to users identified as (CVE-2024-49803, CVE-2024-49804, CVE-2024-49805, CVE-2024-49806). These vulnerabilities affect versions 10.0.0 – 10.0.8 IF1. CVE-2024-49803 is a critical vulnerability with a CVSS score of 9.8. IBM cybersecurity researchers found that this …

Cybersecurity researchers are alerting users about phishing email campaigns using a toolkit called “Rockstar 2FA” to steal Microsoft 365 account credentials. These campaigns use advanced techniques to create fake landing pages resembling real Microsoft 365 login pages. Their main goal is to steal user credentials, targeting Microsoft accounts. This campaign …