Vulnerabilities

GitLab has released a critical security update for several versions of its platform, including versions 17.6.2, 17.5.4, and 17.4.6 for both Community and Enterprise Editions. This update fixes vulnerabilities that could result in account takeovers, denial of service attacks, and data leaks. CVE-2024-11274 (CVSS 8.7) is a critical vulnerability that …

A federal court in Hammond, Indiana, has unsealed an indictment against Guan Tianfeng, a Chinese citizen, for allegedly hacking firewall devices globally in 2020. Guan and his co-conspirators, employed by Sichuan Silence Information Technology Co. Ltd., targeted a previously unknown vulnerability (an “0-day” vulnerability) in firewalls produced by U.K.-based Sophos …

A newly found zero-day vulnerability lets attackers steal NTLM credentials by manipulating targets into opening a malicious file in Windows Explorer. The 0patch team found a flaw and reported it to Microsoft, but no official fix has been released yet. 0patch reports that the issue affects all Windows versions from …

On December 5, 2024, CISA issued two advisories regarding Industrial Control Systems (ICS). These advisories highlight current security issues, vulnerabilities, and exploits in ICS. Vulnerabilities found in AutomationDirect’s C-More EA9 Programming Software and Planet Technology’s WGS-804HPT switch could severely threaten critical infrastructure if exploited. ICSA-24-340-01 AutomationDirect C-More EA9 Programming Software: …

DroidBot is a sophisticated Android Remote Access Trojan (RAT) that merges traditional hidden VNC and overlay functions with spyware-like features. It includes a keylogger and monitoring tools for intercepting user actions, making it effective for surveillance and stealing credentials. A key feature of DroidBot is its dual-channel communication: it uses …

Brain Cipher, a ransomware group that emerged in June 2024, claims to have stolen 1TB of data from Deloitte UK, but this has not been verified. Deloitte, a top professional services firm, is the newest victim listed on Brain Cipher’s dark web site. Hackers claim to have stolen over 1TB …

Multiple vulnerabilities found in I-O DATA routers UD-LT1 and UD-LT1/EX are being actively exploited. JPCERT/CC, a Japanese cybersecurity organization, has warned that these issues could lead to serious attacks, including credential theft, command execution, and total firewall bypass. “The developer states that attacks exploiting these vulnerabilities have been observed,” warns …

National Security Agency (NSA), The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) jointly published guideline to enhanced visibility and hardening guidance for communications infrastructure providing best practices to protect against PRC affiliated threat actor. According to the guideline above mentioned threat actor has compromised networks …

CISA has issued an alert about three critical security vulnerabilities that are currently being exploited. These issues are now part of CISA’s Known Exploited Vulnerabilities (KEV) catalog and require urgent action from organizations and individuals to avoid potential risks. Vulnerability Breakdown: CVE-2023-45727 (CVSS 7.5): A vulnerability in Proself Enterprise/Standard Edition, …

Cisco has released an updated security advisory about CVE-2014-2120, a vulnerability in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software. This flaw, disclosed in 2014, allows unauthenticated remote attackers to perform cross-site scripting (XSS) attacks on WebVPN users. The advisory highlights that this vulnerability is currently being …