Vulnerabilities

Northwave Cyber Security has found a sophisticated backdoor, LITTLELAMB.WOOLTEA, targeting Palo Alto Networks firewalls. Northwave researcher claimed the backdoor was found during a forensic investigation of a compromised Palo Alto Networks device. Attackers exploited a recently disclosed vulnerability (CVE-2024-9474) to enter the system and deploy a malicious script called bwmupdate, …

Adobe has issued urgent security updates for ColdFusion versions 2023 and 2021 to fix a critical vulnerability (CVE-2024-53961). This flaw allows attackers to read arbitrary files from the system, risking exposure of sensitive data and configuration files. It results from improper path limitations, enabling unauthorized access outside the intended directory. …

CISA has released eight advisories on vulnerabilities in Industrial Control Systems (ICS). These vulnerabilities affect essential software and hardware in different industries, risking service disruptions, unauthorized access, and malicious code execution. ICSA-24-354-01 Hitachi Energy RTU500 series CMU ICSA-24-354-02 Hitachi Energy SDM600 ICSA-24-354-03 Delta Electronics DTM Soft ICSA-24-354-04 Siemens User Management …

Sophos has fixed three separate security vulnerabilities in Sophos Firewall.  The vulnerabilities CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729 present major risks, such as remote code execution and privilege escalation. Applies to the following Sophos product(s) and version(s): Sophos Firewall v21.0 GA and earlier No action is needed for Sophos Firewall customers who …

Kaspersky’s Global Emergency Response Team (GERT) found that attackers are exploiting a patched SQL injection vulnerability (CVE-2023-48788) in Fortinet FortiClient EMS, affecting versions 7.0.1 to 7.0.10 and 7.2.0 to 7.2.2. Even with available patches, many systems remain unupdated, allowing unauthorized code execution and compromise of networks. According to the report, …

More than 25,000 SonicWall SSL VPN devices are vulnerable to critical flaws, with 20,000 running outdated SonicOS/OSX firmware that is no longer supported. This analysis by cybersecurity firm Bishop Fox was prompted by key vulnerabilities disclosed this year in SonicWall devices. Ransomware groups, like Fog and Akira, have recently exploited …

Cybersecurity expert, Jeremiah Fowler discovered an unsecured database containing almost 5 million records reportedly relating to Care1 — a Canadian company offering AI software solutions. He reported to VPN mentor that the publicly exposed database was unprotected, passwordless, and not encrypted, totaling 2.2 TB. It included records in PDF format …

GitLab has released a critical security update for several versions of its platform, including versions 17.6.2, 17.5.4, and 17.4.6 for both Community and Enterprise Editions. This update fixes vulnerabilities that could result in account takeovers, denial of service attacks, and data leaks. CVE-2024-11274 (CVSS 8.7) is a critical vulnerability that …

A federal court in Hammond, Indiana, has unsealed an indictment against Guan Tianfeng, a Chinese citizen, for allegedly hacking firewall devices globally in 2020. Guan and his co-conspirators, employed by Sichuan Silence Information Technology Co. Ltd., targeted a previously unknown vulnerability (an “0-day” vulnerability) in firewalls produced by U.K.-based Sophos …

A newly found zero-day vulnerability lets attackers steal NTLM credentials by manipulating targets into opening a malicious file in Windows Explorer. The 0patch team found a flaw and reported it to Microsoft, but no official fix has been released yet. 0patch reports that the issue affects all Windows versions from …