Cisco warned about a serious security issue called “regreSSHion” (CVE-2024-6387) that affects the OpenSSH server in some Cisco products and cloud services. This could let unauthorized attackers run their own code on affected systems, possibly taking full control of the system. The following table lists Cisco products that are affected …
CVE-2024-6387
Microsoft Uncovers Flaws in Rockwell Automation PanelView Plus
Microsoft’s cybersecurity team found two major vulnerabilities in Rockwell Automation’s PanelView Plus, a widely used human-machine interface in industrial settings. There are two vulnerabilities, CVE-2023-2071 and CVE-2023-29464, that can be used by attackers without authentication. They can use these vulnerabilities for remote code execution (RCE) and denial-of-service (DoS) attacks. The …
Multiple vulnerabilities found in Apache HTTP Server
The Apache Software Foundation has found multiple security issues in the widely used Apache HTTP Server. These vulnerabilities could lead to denial-of-service attacks, remote code execution, and unauthorized access, putting many websites at risk of cyberattacks. CVE-2024-36387 to CVE-2024-39573 are vulnerabilities in Apache HTTP Server’s components like mod_proxy, mod_rewrite, and …
MerkSpy Exploits Microsoft Office Vulnerability: FortiGuard report
FortiGuard Labs found an attack that uses the CVE-2021-40444 vulnerability in Microsoft Office. This flaw lets attackers run harmful code through specific documents. The attack deployed a spyware called “MerkSpy” which secretly watches user activities, collects sensitive information, and stays on compromised systems. The attack starts with a harmless-looking Microsoft …
Threat actor exploits vulnerabilities in Oracle WebLogic Server
Researchers said a threat actor is exploiting vulnerabilities in Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839, to deploy cryptocurrency miners via PowerShell scripts. Trend Micro researchers published a new analysis by Ahmed Mohamed Ibrahim, Shubham Singh, and Sunil Bharti. “The threat actor employs fileless execution techniques, using DLL reflective and process injection, …
GitLab issues Critical Patches to Address Multiple Vulnerabilities
GitLab, a platform for DevOps tools, released critical updates for its Community Edition (CE) and Enterprise Edition (EE). The new versions, 17.1.1, 17.0.3, and 16.11.5, include security and bug fixes. Users should upgrade now to protect their installations from possible exploits. Key Security Fixes: CVE-2024-5655 (CVSS 9.6) – Run Pipelines …
Multiple TP-Link Omada Vulnerabilities found
Several vulnerabilities have been found in the TP-Link Omada system, which is a popular software-defined networking solution for small to medium-sized businesses. The vulnerabilities could let attackers execute code remotely, causing serious security issues. The affected devices are wireless access points, routers, switches, VPN devices, and hardware controllers …
ESET Issues Security Patch for Privilege Escalation Flaw
ESET issued a security patch for a privilege escalation flaw in its Windows security products. This flaw, called CVE-2024-2003 (CVSS 7.3), was found by the Zero Day Initiative (ZDI). It could have let attackers gain access to important files and folders without permission. The vulnerability exploited ESET’s file operations while restoring quarantined …
VMware Patches vCenter Server, Cloud Foundation and vSphere ESXi
VMware has fixed critical security flaws in Cloud Foundation, vCenter Server, and vSphere ESXi. These flaws could be used for privilege escalation and remote code execution. Vulnerabilities include: CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8): Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could allow an unauthorized individual …
Hackers use F5 BIG-IP malware in cyber campaign for years
In late 2023, Sygnia researchers investigated a cyber incident involving a major organization that was reportedly caused by a threat group known as ‘Velvet Ant.’ The cyberspies deployed custom malware on F5 BIG-IP appliances to gain persistent access to the internal network of the target organization and steal sensitive data. …