Vulnerabilities

Zyxel has released patches addressing command injection and remote code execution vulnerabilities in two NAS products that have reached end-of-vulnerability-support. Users are advised to install them for optimal protection. Three out of five vulnerabilities could allow an unauthorized attacker to run operating system commands and arbitrary code on affected installations. …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog. CVE-2017-3506 is an operating system (OS) command injection vulnerability which could be exploited to obtain unauthorized access as well as the full control. “Oracle WebLogic Server, a product within the …

Over 600,000 small office/home office (SOHO) routers were disabled in a cyber attack, cutting off users’ internet access. Security analysts at Lumen Technologies’ Black Lotus Labs discovered and reported on an attack in a recent blog post. There was a mysterious event in the U.S. that happened from October 25 …

NGINX team released important updates for their web server software and is advising users to upgrade as soon as possible. The updates fix four important vulnerabilities in the HTTP/3 implementation, especially affecting configurations using the “ngx_http_v3_module.” CVE-2024-32760: A vulnerability in NGINX Plus or NGINX OSS causes HTTP/3 QUIC module to …

CISA added a security flaw in the Linux kernel to the KEV catalog. This flaw is being actively exploited. The CVE-2024-1086 (CVSS score: 7.8) is a high-severity issue. It is related to a use-after-free bug in the netfilter component. This bug allows a local attacker to gain root privileges from …

Check Point has released hotfixes for a VPN vulnerability used in attacks to gain remote access to firewalls and try to breach corporate networks. On Monday, the company warned about an increase in attacks on VPN devices and provided recommendations on how admins can protect their devices. The CVE-2024-24919 vulnerability …

In December 2023, The First American Financial Corporation, a major title insurance company in the US, experienced a cyberattack. This resulted in the personal information of approximately 44,000 individuals being exposed. The company disclosed this data breach to the US Securities and Exchange Commission (SEC) on May 28, 2024. This …

Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Horizon3’s Attack Team released a demonstration of a security vulnerability, identified as CVE-2024-23108, in Fortinet’s SIEM solution. This vulnerability allows attackers to run commands as the most powerful user on publicly accessible FortiSIEM devices. …

Check Point warned that threat actors are targeting their Remote Access VPN devices in an ongoing campaign to breach enterprise networks. Remote Access is included in all Check Point network firewalls. It can be set up as a client-to-site VPN for accessing corporate networks using VPN clients, or as an …

A serious security flaw has been found in the TP-Link Archer C5400X gaming router. It could allow remote code execution on vulnerable devices by sending specific requests. The vulnerability CVE-2024-5035 has a CVSS score of 10.0 and affects all versions of the router firmware up to 1_1.1.6. It has been …