Vulnerabilities

Check Point has released hotfixes for a VPN vulnerability used in attacks to gain remote access to firewalls and try to breach corporate networks. On Monday, the company warned about an increase in attacks on VPN devices and provided recommendations on how admins can protect their devices. The CVE-2024-24919 vulnerability …

In December 2023, The First American Financial Corporation, a major title insurance company in the US, experienced a cyberattack. This resulted in the personal information of approximately 44,000 individuals being exposed. The company disclosed this data breach to the US Securities and Exchange Commission (SEC) on May 28, 2024. This …

Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution. Horizon3’s Attack Team released a demonstration of a security vulnerability, identified as CVE-2024-23108, in Fortinet’s SIEM solution. This vulnerability allows attackers to run commands as the most powerful user on publicly accessible FortiSIEM devices. …

Check Point warned that threat actors are targeting their Remote Access VPN devices in an ongoing campaign to breach enterprise networks. Remote Access is included in all Check Point network firewalls. It can be set up as a client-to-site VPN for accessing corporate networks using VPN clients, or as an …

A serious security flaw has been found in the TP-Link Archer C5400X gaming router. It could allow remote code execution on vulnerable devices by sending specific requests. The vulnerability CVE-2024-5035 has a CVSS score of 10.0 and affects all versions of the router firmware up to 1_1.1.6. It has been …

Jeremiah Fowler, a security researcher, claimed to discover a major vulnerability in India’s data security. He found an unprotected database with a large amount of biometric data, such as fingerprints, facial scans, and other sensitive information, belonging to millions of Indian citizens. Jeremiah Fowler published his findings on global planet. …

CISA warns Apache Flink users about a critical vulnerability. Cybercriminals are exploiting this flaw to compromise systems. Apache Flink is a widely used open-source platform for processing large datasets in real-time analytics, machine learning, and data-intensive applications. Its capability to handle both bounded and unbounded data streams makes it a …

Cisco, a global network solutions leader, has reported a security issue with its Firepower Management Center (FMC) software. This vulnerability, known as CVE-2024-20360, has a CVSS score of 8.8, indicating a high severity level and a risk of widespread exploitation. The vulnerability comes from not checking the input correctly in …

Fluent Bit, a widely used logging utility, has a critical vulnerability. This vulnerability can lead to denial-of-service attacks, information disclosure, and potentially remote code execution (RCE). Tenable, a cybersecurity firm, discovered this vulnerability. Fluent Bit is an open source tool that collects and processes large amounts of log data from …

Hackers target Bangladeshi many WordPress based e-commerce sites for their illegal activities. Getting access they are now offer to sell the taken access on the dark web. But, the alarming issue is that on those post not any specific site name has been mentioned. So, this is really difficult to …