Threat update
A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read below to learn how this could impact your organization.
Threat update
A threat advisory was issued to Palo Alto customers notifying them of a vulnerability in the PAN-OS interface that can lead to remote code execution (RCE).
Threat update
Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices.
Threat update
Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content.
Threat update
A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts. Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign.
Threat update
Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security measures to implement to protect your organization.
Threat update
VMware has recently released software updates to address a security flaw believed to have already been patched in vCenter Server. The vulnerability, known as CVE-2024-38812 with a CVSS score of 9.8, is a heap-overflow vulnerability. Continue reading this Cybersecurity Threat Advisory to mitigate your risk.
Threat update
Fog and Akira ransomware operators are exploiting a critical SonicWall SSL VPN vulnerability, CVE-2024-40766, to breach corporate networks.
Threat update
Three Ivanti Cloud Service Appliance (CSA) vulnerabilities are being exploited and weaponized in the wild. Read this Cybersecurity Threat Advisory to learn how you can mitigate your risk of being targeted.
Threat update
Researchers have observed the well-known cyber espionage group OilRig exploiting a now-patched privilege escalation vulnerability (CVE-2024-30088) in the Windows Kernel to conduct espionage operations. Read this Cybersecurity Threat Advisory to learn more about the espionage campaign and how to avoid becoming a victim of the campaign.
Threat update
A Mozilla Firefox critical zero-day vulnerability, CVE-2024-9680, has emerged. This vulnerability allows an attacker to have unauthorized access and potential remote code execution on the affected OS. Continue reading this Cybersecurity Threat Advisory for recommendations to remediate this threat.
Threat update
A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. A successful exploitation allows an attacker to execute arbitrary code on vulnerable instances. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate your risk.
Threat update
A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk from these vulnerabilities.
Threat update
There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra's SMTP PostJournal service.
Threat update
SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE).
Threat update
There were recently six vulnerabilities discovered in Veeam Backup and Replication. One of them is an unauthenticated remote code execution (RCE), while the other five include authenticated RCE, arbitrary file deletion, low-privileged multi-factor authentication (MFA) setting modification and MFA bypass, credential sniffing, and privilege escalation. Review the details in this Cybersecurity Threat Advisory to limit customers' impact.
In today's digital age, the terms "cybersecurity" and "cybersecurity risk" are often used interchangeably. However, they represent different concepts that are crucial for understanding how to protect information systems effectively. Let's delve into what these terms mean and how they relate to each other.
Threat update
A critical vulnerability has been identified in the SonicWall SonicOS management access.
Threat update
Researchers discovered that externally-facing Oracle NetSuite e-commerce sites may expose sensitive customer information when configured inaccurately.
Threat update
CVE-2024-38856 is a new Apache OFBiz ERP system critical zero-day vulnerability. If you are using this system, please continue reading to learn which steps you should take to mitigate your risk.