Security Affairs

SEPTEMBER 16, 2024

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. “If exploited, this vulnerability would allow an authenticated user to abuse the service, resulting in remote code execution.” and prior versions. ” reads the advisory.

Authentication 134

Authentication Hacking Information Security 134

Security Affairs

JUNE 16, 2024

Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting seven router models. impacting multiple devices.

Authentication 130

Authentication Firmware VPN Manufacturing 130

Security Affairs

JANUARY 31, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Apple improper authentication bug to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added an Apple improper authentication bug, tracked as CVE-2022-48618 , to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication 132

Authentication Cybersecurity Risk Information Security 132

The Last Watchdog

DECEMBER 5, 2024

5, 2024, CyberNewswire — One Identity proudly announces it has been named a winner in the Hot Company: Privileged Access Management (PAM) category in the 12th annual Cyber Defense Awards by Cyber Defense Magazine (CDM), the industrys leading information security magazine. Alisa Viejo, Calif.,

InfoSec 130

InfoSec Cyber Risk CISO Cybersecurity 130

Security Affairs

JANUARY 28, 2024

Multiple proof-of-concept (PoC) exploits for recently disclosed critical Jenkins vulnerability CVE-2024-23897 have been released. Researchers warn that several proof-of-concept (PoC) exploits targeting the recently disclosed critical Jenkins vulnerability, CVE-2024-23897 , have been made public. Exploits are already available.

Authentication 142

Authentication Internet Internet Hacking 142

Security Affairs

MAY 29, 2024

The advisory published by the company states that the attacks targeted the endpoints supporting the cross-origin authentication feature, the attacks hit several customers. The identity and access management firm observed suspicious activity that started on April 15. ” reads advisory. ” reads advisory.

Authentication 125

Authentication Accountability Passwords Data breaches 125

Security Affairs

MARCH 12, 2024

Microsoft Patch Tuesday security updates for March 2024 addressed 59 security vulnerabilities in its products, including RCE flaws. Microsoft released Patch Tuesday security updates for March 2023 that address 59 security vulnerabilities in its products. ” reads the advisory.

Internet 136

Internet Internet Authentication Hacking 136

Security Affairs

JANUARY 9, 2024

Microsoft Patch Tuesday security updates for January 2024 addressed a total of 49 flaws, including two critical vulnerabilities. The critical vulnerabilities are: CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability. CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability.

Authentication 133

Authentication Internet Internet Hacking 133

Security Affairs

OCTOBER 11, 2024

Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Attackers accessed targets via VPN gateways lacking multifactor authentication, some of which ran outdated software. ” concludes Sophos.

Backups 130

Backups Ransomware VPN Authentication 130

Security Affairs

JULY 25, 2024

Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. It provides tools for report design, scheduling, and secure delivery, allowing organizations to centralize their reporting processes. ” reads the report published by the company.

Software 122

Software Authentication Hacking Accountability 122

Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. A post about the Change breach from RansomHub on April 8, 2024.

Healthcare 283

Healthcare Insurance Computers and Electronics Data breaches 283

Security Affairs

JULY 29, 2024

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) The flaw is an authentication bypass vulnerability in VMware ESXi.

Ransomware 135

Ransomware Engineering Encryption Authentication 135

Security Affairs

JUNE 11, 2024

A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 and a proof of concept exploit for this issue.

Backups 133

Backups Authentication Software Hacking 133

Security Affairs

APRIL 2, 2024

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10.

Firmware 133

Firmware Authentication Engineering Hacking 133

Security Affairs

SEPTEMBER 11, 2024

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. ” The four actively exploited zero-day vulnerabilities are: CVE-2024-38014 – Windows Installer Elevation of Privilege Vulnerability.

Social Engineering 128

Social Engineering IoT Engineering Authentication 128

Security Affairs

JANUARY 10, 2024

Cisco addressed a critical Unity Connection security flaw that can be exploited by an unauthenticated attacker to get root privileges. Cisco has addressed a critical flaw, tracked as CVE-2024-20272, in its Unity Connection that can be exploited by a remote, unauthenticated attacker to gain root privileges on vulnerable devices.

Authentication 138

Authentication Hacking Software Information Security 138

Security Affairs

FEBRUARY 21, 2024

VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication relay flaw CVE-2024-22245 (CVSS score: 9.6).

Authentication 141

Authentication Ransomware Software Information Security 141

Security Affairs

JANUARY 24, 2024

Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of the recently disclosed vulnerability CVE-2024-0204 impacting Fortra GoAnywhere MFT.

Authentication 134

Authentication Hacking Engineering Encryption 134

Security Affairs

AUGUST 28, 2024

Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) is an authentication bypass vulnerability in VMware ESXi.

Ransomware 126

Ransomware Authentication Encryption VPN 126

Security Affairs

OCTOBER 20, 2024

F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system.

Authentication 136

Authentication Hacking Technology Information Security 136

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability impacting its Cloud Services Appliance (CSA) solution. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. ” reads the advisory published by the company.

Authentication 105

Authentication Software Hacking Information Security 105

Security Affairs

JULY 1, 2024

Experts spotted threat actors exploiting the critical vulnerability CVE-2024-0769 affects all D-Link DIR-859 WiFi routers. Researchers from cybersecurity firm GreyNoise have spotted exploitation attempts for the critical vulnerability CVE-2024-0769 (CVSS score 9.8) impacting all D-Link DIR-859 WiFi routers. ” concludes GreyNoise.

Passwords 133

Passwords Accountability Authentication Internet 133

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). could allow a remote authenticated attacker with admin privileges to execute arbitrary code on the core server. ” reads the advisory published by the company.

Software 129

Software Authentication IoT Hacking 129

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 130

Backups VPN Ransomware Authentication 130

Security Affairs

MARCH 5, 2024

Rapid7 researchers disclosed two new critical security vulnerabilities, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score:7.3), in JetBrains TeamCity On-Premises. An attacker can exploit the vulnerabilities to take control of affected systems. ” reads the advisory published by JetBrains.

Software 135

Software Authentication Hacking Information Security 135

Security Affairs

NOVEMBER 13, 2024

Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information. The vulnerability CVE-2024-45421 (CVSS score of 8.5) is a buffer overflow issue that an authenticated attacker could exploit.

Authentication 114

Authentication Mobile Hacking Information Security 114

Security Affairs

FEBRUARY 9, 2024

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. “An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, x), Ivanti Policy Secure (9.x, x), Ivanti Policy Secure (9.x,

Authentication 132

Authentication Software Internet Internet 132

Security Affairs

MAY 21, 2024

The most severe vulnerability is a flaw tracked as CVE-2024-27130. The WatchTowr Labs researchers also published technical details of the flaw CVE-2024-27130 and a proof of concept (PoC) exploit code. The WatchTowr Labs researchers also published technical details of the flaw CVE-2024-27130 and a proof of concept (PoC) exploit code.

Authentication 134

Authentication Accountability Social Engineering Engineering 134

Security Affairs

JULY 12, 2024

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Additionally, Expedition provides automation and best practice adoption to improve security posture and operational efficiency. ” The remaining issues addressed by the security vendor are: 6.8

Authentication 131

Authentication Firewall Accountability Hacking 131

Security Affairs

MARCH 20, 2024

Multiple threat actors are exploiting the recently disclosed JetBrains TeamCity flaw CVE-2024-27198 in attacks in the wild. Trend Micro researchers are exploiting the recently disclosed vulnerabilities CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score 7.3) reads the advisory published by JetBrains.

Malware 136

Malware Authentication Cryptocurrency Ransomware 136

Security Affairs

MARCH 11, 2024

Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. “The Progress OpenEdge team recently identified a security vulnerability in OpenEdge Release 11.7.18 If a match occurs, authentication is granted.

Software 136

Software Authentication Passwords Engineering 136

Security Affairs

SEPTEMBER 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-7593 (CVSS score of 9.8) Successful exploitation could lead to authentication bypass and creation of an administrator user.” to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication 133

Authentication Software Internet Internet 133

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. For more information about Exchange Server’s support for Extended Protection for Authentication(EPA), please see Configure Windows Extended Protection in Exchange Server.”

Information Security 138

Information Security Internet Internet Healthcare 138

Security Affairs

JUNE 14, 2024

CVE-2024-26169 is an elevation of privilege issue in the Microsoft Windows Error Reporting Service that can be exploited to could gain SYSTEM privileges. CVE-2024-4358 is an authentication bypass vulnerability that an unauthenticated attacker can exploit to gain access to Telerik Report Server restricted functionality.

Firmware 130

Firmware Authentication Hacking Cybersecurity 130

Security Affairs

MAY 23, 2024

Below is the list of the addressed vulnerabilities: CVE Description CVSS Vector CVE-2024-29822 An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Authentication 128

Authentication Hacking Information Security 128

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) Remote attackers could bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware , which only validates POST requests. . to its Known Exploited Vulnerabilities (KEV) catalog.

DNS 109

DNS Authentication Ransomware Hacking 109