enterprise

Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)

backup, Don't miss, enterprise, Hot stuff, News, Veeam Software, vulnerability /

Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849) 2024-05-22 at 11:46 By Zeljka Zorz Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its web interface as any user. With no user interaction required for remote exploitation and […]

React to this headline:

Loading spinner

Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849) Read More »

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026)

Don't miss, endpoint management, enterprise, Hot stuff, Ivanti, News, PoC, Redline Cyber Security, vulnerability /

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) 2024-05-20 at 14:02 By Zeljka Zorz Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released by the vulnerability’s reporter. About CVE-2024-22026 Ivanti Endpoint Manager Mobile (formerly MobileIron Core) is used by enterprises to

React to this headline:

Loading spinner

PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) Read More »

US exposes scheme enabling North Korean IT workers to bypass sanctions

DOJ, Don't miss, enterprise, Hot stuff, News, North Korea, tips, USA /

US exposes scheme enabling North Korean IT workers to bypass sanctions 2024-05-17 at 14:46 By Zeljka Zorz The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities

React to this headline:

Loading spinner

US exposes scheme enabling North Korean IT workers to bypass sanctions Read More »

Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661)

consumer, CVE, Don't miss, enterprise, Hot stuff, Leviathan Security Group, News, Privacy, VPN /

Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661) 2024-05-08 at 16:31 By Zeljka Zorz Researchers have brought to light a new attack method – dubbed TunnelVision and uniquely identified as CVE-2024-3661 – that can be used to intercept and snoop on VPN users’ traffic by attackers who are on the same

React to this headline:

Loading spinner

Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661) Read More »

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)

Don't miss, enterprise, network monitoring, News, PoC, Progress, Rhino Security, vulnerability /

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) 2024-04-24 at 15:01 By Zeljka Zorz More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulnerability has been disclosed and patched by Progress earlier this month. “Currently,

React to this headline:

Loading spinner

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) Read More »

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

Censys, CrowdStrike, CrushFTP, CVE, Don't miss, enterprise, exploit, FTP, Hot stuff, News /

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) 2024-04-23 at 13:01 By Zeljka Zorz A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system files (i.e., configuration files), but only if

React to this headline:

Loading spinner

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040) Read More »

Ernst & Young taps ZK-proofs on Ethereum to automate contracts

accounting, audit, enterprise, EY OpsChain Contract Manager, Paul Brody, Polygon, Poylgon Nightfall, Private Blockchain, Public Blockchain, tax /

Ernst & Young taps ZK-proofs on Ethereum to automate contracts 2024-04-18 at 06:01 By Cointelegraph by Brayden Lindrea EY said it chose Ethereum instead of a private network as it is cheaper, more confidential and prevents a party from gaining a “strategic advantage” over another. This article is an excerpt from Cointelegraph.com News View Original

React to this headline:

Loading spinner

Ernst & Young taps ZK-proofs on Ethereum to automate contracts Read More »

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

Don't miss, enterprise, exploit, firewall, GreyNoise, Hot stuff, News, Palo Alto Networks, PoC, security update, TrustedSec, Volexity, vulnerability, WatchTowr /

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation 2024-04-17 at 12:31 By Zeljka Zorz While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be as easy a disabling the devices’ telemetry, it has now been comfirmed that this mitigation is ineffectual. “Device telemetry does not need to be

React to this headline:

Loading spinner

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Read More »

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

access management, Delinea, Don't miss, enterprise, Hot stuff, News, PoC, privileged accounts, vulnerability, vulnerability disclosure /

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access 2024-04-15 at 14:46 By Zeljka Zorz Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret Server

React to this headline:

Loading spinner

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access Read More »

New covert SharePoint data exfiltration techniques revealed

Data exfiltration, data theft, Don't miss, enterprise, Hot stuff, logging, News, SharePoint, Varonis /

New covert SharePoint data exfiltration techniques revealed 2024-04-10 at 18:10 By Zeljka Zorz Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies’ SharePoint server. “These techniques can bypass the detection and enforcement policies of traditional tools, such as cloud access security brokers, data

React to this headline:

Loading spinner

New covert SharePoint data exfiltration techniques revealed Read More »

Ivanti vows to transform its security operating model, reveals new vulnerabilities

Don't miss, enterprise, Hot stuff, Ivanti, News, VPN, vulnerability, vulnerability management /

Ivanti vows to transform its security operating model, reveals new vulnerabilities 2024-04-04 at 16:02 By Zeljka Zorz Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), some of which could also lead to execution of arbitrary code or information disclosure. Also, three months

React to this headline:

Loading spinner

Ivanti vows to transform its security operating model, reveals new vulnerabilities Read More »

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)

CISA, Don't miss, enterprise, Government, Hot stuff, News, Synopsys, vulnerability /

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) 2024-03-28 at 12:32 By Zeljka Zorz The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 – a code injection vulnerability that allows authenticated attackers to execute code remotely on a vulnerable Microsoft SharePoint Server – to its KEV catalog and is demanding that

React to this headline:

Loading spinner

Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955) Read More »

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)

Anyscale, authentication, Bishop Fox, Don't miss, enterprise, Hot stuff, machine learning, News, Oligo Security, vulnerability /

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) 2024-03-27 at 13:16 By Zeljka Zorz Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale’s Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells. “To our knowledge, the attack started 7 months ago,” Avi Lumelsky, a researcher at Oligo

React to this headline:

Loading spinner

AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) Read More »

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns

BSI, Don't miss, enterprise, Germany, Hot stuff, Microsoft Exchange, News, Shadowserver, vulnerability /

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns 2024-03-26 at 15:31 By Zeljka Zorz Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions “are so outdated that security updates are no longer offered for them,” the German Federal Office

React to this headline:

Loading spinner

17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns Read More »

Apps secretly turning devices into proxy network nodes removed from Google Play

consumer, Don't miss, enterprise, Hot stuff, HUMAN Security, mobile apps, News, Orange Cyberdefense, Proxy, research, Sekoia.io /

Apps secretly turning devices into proxy network nodes removed from Google Play 2024-03-26 at 12:16 By Zeljka Zorz Your smartphone might be part of a proxy network, and you might not even know it: all it takes is for you to download apps whose developers have included the functionality and didn’t mention it. If that

React to this headline:

Loading spinner

Apps secretly turning devices into proxy network nodes removed from Google Play Read More »

Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724)

Don't miss, enterprise, Hot stuff, Ivanti, NATO, News, security update, vulnerability /

Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724) 2024-03-20 at 21:01 By Zeljka Zorz Ivanti has fixed a critical RCE vulnerability (CVE-2023-41724) in Ivanti Standalone Sentry that has been reported by researchers with the NATO Cyber Security Centre. Though the company is not aware of customers being compromised via the flaw, it “strongly

React to this headline:

Loading spinner

Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724) Read More »

NIST’s NVD has encountered a problem

Chainguard, Don't miss, enterprise, Hot stuff, News, NIST, Qualys, Rapid7, vulnerability, vulnerability management /

NIST’s NVD has encountered a problem 2024-03-19 at 15:47 By Zeljka Zorz Whether the cause is insurmountable technical debt, lack of funds, a third reason or all of them, NIST’s National Vulnerability Database (NVD) is struggling, and it’s affecting vulnerability management efforts. What happened? Anyone who regularly uses the NVD as a source of information

React to this headline:

Loading spinner

NIST’s NVD has encountered a problem Read More »

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

Arcserve, backup, disaster recovery, Don't miss, enterprise, exploit, Hot stuff, News, PoC, SMBs, Tenable /

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) 2024-03-14 at 13:00 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as

React to this headline:

Loading spinner

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) Read More »

BSAM: Open-source methodology for Bluetooth security assessment

Bluetooth, Bluetooth Low Energy, consumer, Don't miss, enterprise, Hot stuff, News, security auditing, SMBs, Tarlogic, vulnerability, wireless /

BSAM: Open-source methodology for Bluetooth security assessment 2024-03-13 at 08:39 By Zeljka Zorz Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of the examples presented during the conference were real tests

React to this headline:

Loading spinner

BSAM: Open-source methodology for Bluetooth security assessment Read More »

Scroll to Top