Cybersecurity researchers at Trend Micro discovered an exploitation of CVE-2023-36025 leading to the spread of a new type of malware called Phemedrone Stealer. Phemedrone Stealer is a malware that targets web browsers, cryptocurrency wallets, and messaging apps like Telegram, Steam, and Discord. It not only steals data, but also takes …
TrendMicro Research
Bishopfox blog
Over 178k SonicWall Firewalls are Publicly Exploitable
In a blog post, BishopFox said that SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities with the potential for remote code execution. SonicWall published advisories for CVE-2022-22274 and CVE-2023-0656 a year apart and reported that no exploitation had been observed in the wild; …
Juniper warns of critical RCE bug in firewalls and switches
Juniper Networks released security updates to fix a critical vulnerability in its SRX Series firewalls and EX Series switches. The vulnerability allows remote code execution (RCE) without authentication. A critical security flaw named CVE-2024-21591 was found in devices’ J-Web configuration interfaces. It can be exploited by unauthenticated attackers to gain …
CVE-2024-20272
CISCO FIXED CRITICAL UNITY CONNECTION VULNERABILITY
Cisco released updates to fix a security flaw in Unity Connection that could allow an attacker to run commands on the system. The vulnerability CVE-2024-20272 (CVSS score: 7.3) is an arbitrary file upload bug in the web-based management interface. It happens due to a lack of authentication in a specific …
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-29357, Microsoft SharePoint Server Privilege Escalation Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. CVE-2023-29357 Detail: Description: Microsoft SharePoint …
CISA Flags 6 Vulnerabilities – Apple, Apache, Adobe, D-Link, Joomla Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified six security vulnerabilities that are being actively exploited. These vulnerabilities have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-27524 is a high-severity vulnerability in Apache Superset. It has a CVSS score of 8.9 and could allow remote code …
Fortinet Releases Security Updates for FortiOS and FortiProxy
Fortinet released a security update for FortiOS and FortiProxy software to fix a vulnerability. This vulnerability could allow a cyber threat actor to take control of a system. CISA recommends that users and administrators review security bulletin FG-IR-23-315 for FortiOS & FortiProxy and install updates as needed. Fortiguard PSIRT posted …
Google starts phasing out third-party cookies
Google is focusing on improving web privacy by disabling third-party cookies on the Chrome browser. According to Anthony Chavez, VP for Privacy Sandbox, Google will test Tracking Protection, a new feature that limits cross-site tracking by restricting website access to third-party cookies by default. “We’ll roll this out to 1% …
Apache RocketMQ servers vulnerable to RCE attacks
Security researchers found that Apache RocketMQ services are being targeted by malicious activities. The vulnerabilities, known as CVE-2023-33246 and CVE-2023-37582, remain a serious threat even after the vendor released patches in May 2023. Vulnerability Overview: The CVE-2023-33246 affected different parts of RocketMQ, such as NameServer, Broker, and Controller. Rongtong Jin, …
CISA Released Three Industrial Control Systems Advisories
CISA released three ICS advisories on January 4, 2024. These advisories give important information about security issues, vulnerabilities, and exploits concerning ICS. ICSA-24-004-01 Rockwell Automation FactoryTalk Activation: Vulnerability overview: Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer use the affected Wibu-Systems’ products which internally use a version of …