Monday , December 23 2024

Vulnerabilities

Juniper warns of critical RCE bug in firewalls and switches

juniper

Juniper Networks released security updates to fix a critical vulnerability in its SRX Series firewalls and EX Series switches. The vulnerability allows remote code execution (RCE) without authentication. A critical security flaw named CVE-2024-21591 was found in devices’ J-Web configuration interfaces. It can be exploited by unauthenticated attackers to gain …

Read More »

CISA Adds One Known Exploited Vulnerability to Catalog

CVE

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29357 Microsoft SharePoint Server Privilege Escalation Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. CVE-2023-29357 Detail: Description: Microsoft SharePoint …

Read More »

CISA Flags 6 Vulnerabilities – Apple, Apache, Adobe , D-Link, Joomla Under Attack

CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified six security vulnerabilities that are being actively exploited. These vulnerabilities have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-27524 is a high-severity vulnerability in Apache Superset. It has a CVSS score of 8.9 and could allow remote code …

Read More »

Fortinet Releases Security Updates for FortiOS and FortiProxy

Fortinet

Fortinet released a security update for FortiOS and FortiProxy software to fix a vulnerability. This vulnerability could allow a cyber threat actor to take control of a system. CISA recommends that users and administrators review security bulletin FG-IR-23-315 for FortiOS & FortiProxy and install updates as needed. Fortiguard PSIRT posted …

Read More »

Apache RocketMQ servers vulnerable to RCE attacks

RocketMQ

Security researchers found that Apache RocketMQ services are being targeted by malicious activities. The vulnerabilities, known as CVE-2023-33246 and CVE-2023-37582, remain a serious threat even after the vendor released patches in May 2023. Vulnerability Overview: The CVE-2023-33246 affected different parts of RocketMQ, such as NameServer, Broker, and Controller. Rongtong Jin, …

Read More »

CISA Released Three Industrial Control Systems Advisories

industrial control system

CISA released three ICS advisories on January 4, 2024. These advisories give important information about security issues, vulnerabilities, and exploits concerning ICS. ICSA-24-004-01 Rockwell Automation FactoryTalk Activation: Vulnarability overview Rockwell Automation FactoryTalk Activation Manager and Studio 5000 Logix Designer uses the affected Wibu-Systems’ products which internally use a version of …

Read More »

F5 releases security advisories for multiple vulnerabilities

F5 releases security advisory for multiple vulnerabilities including K000132893: GRUB2 vulnerability CVE-2022-28733. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands …

Read More »

2024 strong start
Google’s Mandiant recover its x (twitter) account after hacked

Mandiant

Google’s cybersecurity firm Mandiant get back its x (twitter) account after being taken over by someone sharing links to a cryptocurrency platform. On Wednesday afternoon around 3:30 pm EST, the scammar took the control over mandiant’s x account, renamed it as phantom and tweeted out links to a company called …

Read More »