Security Affairs

AUGUST 14, 2024

Microsoft’s August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5 No Yes RCE CVE-2024-38193 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important 7.8

Engineering 140

Engineering Hacking Information Security 140

Security Affairs

OCTOBER 29, 2024

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. reads the SonicWall’s advisory.

VPN 129

VPN Ransomware Firewall Internet 129

Security Affairs

AUGUST 1, 2024

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation reported that approximately 20,000 VMware ESXi servers exposed online appear impacted by the exploited vulnerability CVE-2024-37085.

Internet 141

Internet Internet Ransomware Authentication 141

Security Affairs

OCTOBER 24, 2024

On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24. On day two of Pwn2Own Ireland 2024 , hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, prizes that we have sum to the $516,250 earned by participants on the first day of the event.

Hacking 128

Hacking Information Security 128

Security Affairs

SEPTEMBER 18, 2024

Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could lead to remote code execution. The company also addressed a privilege escalation vulnerability, tracked as CVE-2024-38813, in vCenter Server. ” reads the advisory.

Hacking 129

Hacking Software Information Security 129

Security Affairs

JULY 25, 2024

The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs researchers observed a malware campaign exploiting the vulnerability CVE-2024-21412 (CVSS score: 8.1) with booby-trapped files.

Education 141

Education Malware Internet Internet 141

Tech Republic Security

APRIL 11, 2024

Find the best open-source password managers to keep your sensitive information secure and easily accessible. Explore top options for protecting your passwords.

Password Management 164

Password Management Passwords Information Security 164

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. The researchers observed threat actors exploiting CVE-2024-36401 in attacks aimed at IT service providers in India, technology companies in the U.S., ” concludes the report.

Malware 135

Malware Telecommunications Encryption DDOS 135

Security Affairs

OCTOBER 17, 2024

VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability CVE-2024-38814 impacts multiple versions of the HCX platform, including versions 4.8.x, x, and 4.10.x. The vulnerability was fixed with versions 4.8.3, and 4.10.1.

Authentication 131

Authentication Mobile Hacking Information Security 131

Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. A post about the Change breach from RansomHub on April 8, 2024.

Healthcare 283

Healthcare Insurance Computers and Electronics Data breaches 283

Security Affairs

SEPTEMBER 16, 2024

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. The company also addressed a hardcoded credential vulnerability, tracked as CVE-2024-28990, in ARM. and prior versions. ” reads the advisory. Piotr Bazydlo also reported this vulnerability.

Authentication 135

Authentication Hacking Information Security 135

Security Affairs

SEPTEMBER 11, 2024

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. ” The four actively exploited zero-day vulnerabilities are: CVE-2024-38014 – Windows Installer Elevation of Privilege Vulnerability.

Social Engineering 129

Social Engineering IoT Engineering Authentication 129

Security Affairs

AUGUST 19, 2024

Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), which has been exploited by the North Korea-linked Lazarus APT group. The vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), is a privilege escalation issue that resides in the Windows Ancillary Function Driver (AFD.sys) for WinSock.

Cryptocurrency 138

Cryptocurrency Marketing Malware Engineering 138

Security Affairs

OCTOBER 2, 2024

Threat actors attempt to exploit recently disclosed vulnerability CVE-2024-45519 in Synacor’s Zimbra Collaboration. Proofpoint cybersecurity researchers reported that threat actors are attempting to exploit a recently disclosed vulnerability, tracked as CVE-2024-45519, in Synacor’s Zimbra Collaboration. Versions 8.8.15

Hacking 123

Hacking Cybersecurity Risk Information Security 123

Security Affairs

OCTOBER 11, 2024

Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware. Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication.

Backups 130

Backups Ransomware VPN Authentication 130

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware 114

Ransomware Identity Theft Data breaches Cyber threats 114

Security Affairs

DECEMBER 18, 2024

Researchers warn that threat actors are attempting to exploit a recently disclosed Apache Struts vulnerability CVE-2024-53677. Researchers warn that threat actors are attempting to exploit the vulnerability CVE-2024-53677 (CVSS score of 9.5) “The vulnerability, CVE-2024-53677, appears to be related to CVE-2023-50164.

Hacking 79

Hacking Technology Software Information Security 79

Krebs on Security

DECEMBER 6, 2023

Regardless of whether the RDRS succeeds or fails, there is another European law that takes effect in 2024 which is likely to place additional pressure on registrars to respond to legitimate WHOIS data requests.

Internet 269

Internet Internet Phishing Scams 269

Security Affairs

OCTOBER 23, 2024

He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy. About Author: Anas Baig With a passion for working on disruptive products, Anas Baig is currently working as a Product Manager at the Silicon Valley based company – Securiti.ai.

Data privacy 126

Data privacy Unstructured Data Risk Data breaches 126

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Security Affairs

OCTOBER 10, 2024

Mozilla released an emergency security update for its Firefox browser to address a critical use-after-free vulnerability, tracked as CVE-2024-9680, that is actively exploited in attacks. The vulnerability CVE-2024-9680 resides in Animation timelines. Experts urge users to upgrade to the latest version as soon as possible.

Hacking 138

Hacking Information Security 138

Security Affairs

SEPTEMBER 11, 2024

The most severe vulnerabilities are two critical memory corruption flaws in Acrobat and PDF Reader, tracked as CVE-2024-41869 (CVSS score of 7.8) and CVE-2024-45112 (CVSS score of 8.6). The vulnerability CVE-2024-41869 is a Use After Free issue while the flaw CVE-2024-45112 is a Type Confusion’ bug.

Hacking 141

Hacking Software Information Security 141

Security Affairs

JULY 26, 2024

tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076. A vulnerability CVE-2024-1975 in BIND 9 allows clients to exhaust CPU resources by sending a stream of SIG(0) signed requests if the server hosts a “KEY” Resource Record or the resolver DNSSEC-validates such a record in cache.

DNS 145

DNS Software Internet Internet 145

Security Affairs

NOVEMBER 2, 2024

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957 , in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn.

Firmware 121

Firmware Manufacturing IoT Healthcare 121

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 130

Backups VPN Ransomware Authentication 130

Security Affairs

NOVEMBER 9, 2024

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 132

Backups Ransomware VPN Accountability 132

Security Affairs

AUGUST 16, 2024

Microsoft urges customers to fix a critical TCP/IP remote code execution (RCE) flaw, tracked as CVE-2024-38063 (CVSS score 9.8), in the TCP/IP stack. No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5 No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5

Firewall 143

Firewall Engineering Hacking Information Security 143

Security Affairs

OCTOBER 3, 2024

Over 4,000 unpatched Adobe Commerce and Magento stores have been compromised by exploiting critical vulnerability CVE-2024-34102. Adobe warned that it is aware that CVE-2024-34102 has been exploited in the wild in limited attacks targeting Adobe Commerce merchants. Merchants are urged to implement countermeasures immediately.

Hacking 137

Hacking Passwords Cybersecurity Cybercrime 137

Security Affairs

OCTOBER 20, 2024

F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system.

Authentication 137

Authentication Hacking Technology Information Security 137

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). ” reads the advisory published by the company. could allow a remote authenticated attacker with admin privileges to execute arbitrary code on the core server.

Software 130

Software Authentication IoT Hacking 130

Security Affairs

AUGUST 31, 2024

North Korea-linked APT exploited the recently patched Google Chrome zero-day CVE-2024-7971 to deploy the FudModule rootkit. North Korea-linked group Citrine Sleet (aka AppleJeus , Labyrinth Chollima , UNC4736, Hidden Cobra ) have exploited the recently patched Google Chrome zero-day CVE-2024-7971 (CVSS score 8.8)

Social Engineering 133

Social Engineering Cryptocurrency Malware Engineering 133

Security Affairs

DECEMBER 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference ( CVE-2024-35250 ) and Adobe ColdFusion Improper Access Control ( CVE-2024-20767 ) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The attack complexity is labeled as low.

Hacking 107

Hacking Cybersecurity Ransomware Risk 107

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. The company also fixed a critical SQL injection vulnerability, tracked as CVE-2024-11772 (CVSS score of 9.1) ” reads the advisory published by the company.

Authentication 105

Authentication Software Hacking Information Security 105

Security Affairs

NOVEMBER 27, 2024

The virtualization giant addressed the following vulnerabilities: Here are the details from VMware’s VMSA-2024-0022 bulletin : Local privilege escalation vulnerability (CVE-2024-38830) (CVSS 7.8) – A local admin on VMware Aria Operations can exploit a vulnerability to escalate privileges to root. Important 8.18.2

Hacking 116

Hacking Information Security 116

Security Affairs

SEPTEMBER 26, 2024

The most severe issue is a stack-based buffer overflow vulnerability, tracked as CVE-2024-34026 (CVSS score 9.0), that resides in the OpenPLC Runtime EtherNet/IP parser functionality of OpenPLC _v3 b4702061dc14d1024856f71b4543298d77007b88. The issue was addressed on September 18, 2024.

Energy and Utilities 140

Energy and Utilities Manufacturing Hacking Information Security 140

Security Affairs

OCTOBER 30, 2024

Google addressed a critical vulnerability in its Chrome browser, tracked as CVE-2024-10487, which was reported by Apple. Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487, reported by Apple Security Engineering and Architecture (SEAR) on October 23, 2024. 92 for Windows, Mac and 130.0.6723.91

Engineering 132

Engineering Architecture Hacking Information Security 132

Security Affairs

SEPTEMBER 17, 2024

Below are the descriptions for these vulnerabilities: CVE-2024-43461 Microsoft Windows MSHTML Platform Spoofing Vulnerability CVE-2024-6670 Progress WhatsUp Gold SQL Injection Vulnerability CVE-2024-43461 – Microsoft this week warned that attackers actively exploited the Windows vulnerability CVE-2024-43461 as a zero-day before July 2024.

Internet 128

Internet Internet Encryption Passwords 128