enterprise

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)

Don't miss, enterprise, Hot stuff, Ivanti, Mandiant, Microsoft, News, VPN /

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) 2025-01-08 at 21:49 By Zeljka Zorz Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. About CVE-2025-0282 and CVE-2025-0283 Both are stack-based buffer overflow […]

React to this headline:

Loading spinner

Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Read More »

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers

CISA, Don't miss, enterprise, Hot stuff, Mitel, News, Oracle WebLogic, vulnerability /

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers 2025-01-08 at 14:20 By Zeljka Zorz CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab vulnerabilities exploited Mitel MiCollab is a popular enterprise collaboration suite. CVE-2024-41713 and CVE-2024-55550 are both path traversal

React to this headline:

Loading spinner

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers Read More »

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)

BeyondTrust, CVE, Don't miss, enterprise, Hot stuff, News, remote access, vulnerability /

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) 2024-12-18 at 11:48 By Zeljka Zorz BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement

React to this headline:

Loading spinner

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) Read More »

Cleo patches zero-day exploited by ransomware gang

Cleo, enterprise, file-sharing, Huntress, News, Ransomware, Rapid7, Sophos /

Cleo patches zero-day exploited by ransomware gang 2024-12-12 at 18:34 By Zeljka Zorz Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. Version 5.8.0.24 of the three products, which was pushed out on Wednesday, plugs the

React to this headline:

Loading spinner

Cleo patches zero-day exploited by ransomware gang Read More »

Microsoft fixes exploited zero-day (CVE-2024-49138)

0-day, CVE, Don't miss, enterprise, Hot stuff, Immersive Labs, Microsoft, News, Patch Tuesday, Tenable, Windows, Windows Server /

Microsoft fixes exploited zero-day (CVE-2024-49138) 2024-12-10 at 23:04 By Zeljka Zorz On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges. CVE-2024-49138 exploited by attackers CVE-2024-49138 stems from a heap-based buffer overflow

React to this headline:

Loading spinner

Microsoft fixes exploited zero-day (CVE-2024-49138) Read More »

How to choose secure, verifiable technologies?

ACSC, CISA, Don't miss, enterprise, guidelines, hardware, IoT, MSP, NCSC, News, procurement, risk assessment, SaaS, software /

How to choose secure, verifiable technologies? 2024-12-06 at 12:16 By Zeljka Zorz The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring software (proprietary or open source), hardware (e.g., IoT devices), and cloud services

React to this headline:

Loading spinner

How to choose secure, verifiable technologies? Read More »

Mitel MiCollab zero-day and PoC exploit unveiled

0-day, collaboration, CVE, Don't miss, enterprise, Hot stuff, Mitel, News, PoC, WatchTowr /

Mitel MiCollab zero-day and PoC exploit unveiled 2024-12-05 at 16:32 By Zeljka Zorz A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and followed up by releasing a proof-of-concept (PoC) exploit that chains together this zero-day file read vulnerability

React to this headline:

Loading spinner

Mitel MiCollab zero-day and PoC exploit unveiled Read More »

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)

CVE, Don't miss, enterprise, exploit, Hot stuff, network monitoring, News, PoC, Progress, Tenable, vulnerability /

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) 2024-12-04 at 13:38 By Zeljka Zorz Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-2024-8785 stems from the incorrect use of a

React to this headline:

Loading spinner

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) Read More »

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)

backup, CVE, Don't miss, enterprise, Hot stuff, MSP, News, Veeam Software, vulnerability /

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) 2024-12-03 at 19:48 By Zeljka Zorz Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine. The vulnerabilities Veeam Service Provider Console is a cloud-enabled platform that

React to this headline:

Loading spinner

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) Read More »

AWS offers incident response service

AWS, enterprise, Hot stuff, Incident Response, News /

AWS offers incident response service 2024-12-02 at 14:15 By Zeljka Zorz Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS Security Incident Response (SIR). Creating a case (Source: AWS) AWS Security Incident Response explained “Security events

React to this headline:

Loading spinner

AWS offers incident response service Read More »

Faraway Russian hackers breached US organization via Wi-Fi

APT, brute-force, credentials, Don't miss, enterprise, government-backed attacks, Hot stuff, MFA, News, Russian Federation, wireless /

Faraway Russian hackers breached US organization via Wi-Fi 2024-11-25 at 19:03 By Zeljka Zorz Forest Blizzard, a threat group associated with Russia’s GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target’s enterprise Wi-Fi network. The repeated attacks Volexity, a company

React to this headline:

Loading spinner

Faraway Russian hackers breached US organization via Wi-Fi Read More »

Microsoft asks Windows Insiders to try out the controversial Recall feature

Artificial Intelligence, data security, Don't miss, endpoint management, enterprise, Hot stuff, Microsoft, News, Privacy, Windows /

Microsoft asks Windows Insiders to try out the controversial Recall feature 2024-11-25 at 16:33 By Zeljka Zorz Participants of the Windows Insider Program that have a Qualcomm Snapdragon-powered Copilot+ PC can now try out Recall, the infamous snapshot-taking, AI-powered feature that was met with much criticism when it was unveiled earlier this year. “We heard

React to this headline:

Loading spinner

Microsoft asks Windows Insiders to try out the controversial Recall feature Read More »

2,000 Palo Alto Networks devices compromised in latest attacks

CVE, Don't miss, enterprise, firewall, Hot stuff, India, News, Palo Alto Networks, Shadowserver, USA /

2,000 Palo Alto Networks devices compromised in latest attacks 2024-11-21 at 13:27 By Zeljka Zorz Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scanning has revealed. Compromised devices are predominantly located in the US and India, the nonprofit says. Manual and

React to this headline:

Loading spinner

2,000 Palo Alto Networks devices compromised in latest attacks Read More »

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)

CrowdStrike, Don't miss, enterprise, Hot stuff, News, Oracle, product development, Tenable /

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) 2024-11-19 at 12:48 By Zeljka Zorz Oracle has released a security patch for CVE-2024-21287, a remotely exploitable vulnerability in the Oracle Agile PLM Framework that is, according to Tenable researchers, being actively exploited by attackers. About CVE-2024-21287 Oracle Agile PLM Framework is an enterprise product lifecycle management solution

React to this headline:

Loading spinner

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) Read More »

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

0-day, CVE, Don't miss, enterprise, firewall, Hot stuff, News, Palo Alto Networks /

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) 2024-11-18 at 17:33 By Zeljka Zorz Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been exploited by attackers as zero-days. About the vulnerabilities (CVE-2024-0012, CVE-2024-9474) CVE-2024-0012 stems from missing authentication for a critical

React to this headline:

Loading spinner

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) Read More »

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)

Censys, CISA, configuration management, Don't miss, enterprise, firewall, Horizon3.ai, Hot stuff, News, Palo Alto Networks /

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) 2024-11-15 at 13:16 By Zeljka Zorz Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-9463, CVE-2024-9465) CVE-2024-9463 allows unauthenticated attackers to run arbitrary OS commands as root

React to this headline:

Loading spinner

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465) Read More »

North Korean hackers pave the way for Play ransomware

Don't miss, enterprise, Hot stuff, initial access broker, News, North Korea, Palo Alto Networks, Ransomware /

North Korean hackers pave the way for Play ransomware 2024-10-31 at 12:49 By Zeljka Zorz North Korean state-sponsored hackers – Jumpy Pisces, aka Andariel, aka Onyx Sleet – have been spotted burrowing into enterprise systems, then seemingly handing matters over to the Play ransomware group. Timeline of the attack (Source: Palo Alto Networks) The attack

React to this headline:

Loading spinner

North Korean hackers pave the way for Play ransomware Read More »

Black Basta operators phish employees via Microsoft Teams

Don't miss, enterprise, Hot stuff, Microsoft Teams, News, phishing, Ransomware, ReliaQuest, SMBs, social engineering /

Black Basta operators phish employees via Microsoft Teams 2024-10-28 at 18:51 By Zeljka Zorz Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft Teams. Phishing via MS Teams Earlier this year, Rapid7 warned about Black Basta using the

React to this headline:

Loading spinner

Black Basta operators phish employees via Microsoft Teams Read More »

Exploited: Cisco, SharePoint, Chrome vulnerabilities

brute-force, Chrome, CISA, Cisco, Don't miss, enterprise, exploit, Hot stuff, Kaspersky, News, PoC, SharePoint, vulnerability /

Exploited: Cisco, SharePoint, Chrome vulnerabilities 2024-10-25 at 13:33 By Zeljka Zorz Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting the software powering its

React to this headline:

Loading spinner

Exploited: Cisco, SharePoint, Chrome vulnerabilities Read More »

Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)

0-day, Don't miss, enterprise, Fortinet, Hot stuff, MSP, News, Rapid7, security update /

Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) 2024-10-24 at 12:18 By Zeljka Zorz Fortinet has finally made public information about CVE-2024-47575, a critical FortiManager vulnerability that attackers have exploited as a zero-day. About CVE-2024-47575 CVE-2024-47575 is a vulnerability stemming from missing authentication for a critical function in FortiManager’s fgfmd daemon. Remote, unauthenticated attackers could

React to this headline:

Loading spinner

Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575) Read More »

Scroll to Top