PoC

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)

Don't miss, enterprise, network monitoring, News, PoC, Progress, Rhino Security, vulnerability /

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) 2024-04-24 at 15:01 By Zeljka Zorz More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulnerability has been disclosed and patched by Progress earlier this month. “Currently, […]

React to this headline:

Loading spinner

PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389) Read More »

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

Don't miss, enterprise, exploit, firewall, GreyNoise, Hot stuff, News, Palo Alto Networks, PoC, security update, TrustedSec, Volexity, vulnerability, WatchTowr /

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation 2024-04-17 at 12:31 By Zeljka Zorz While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be as easy a disabling the devices’ telemetry, it has now been comfirmed that this mitigation is ineffectual. “Device telemetry does not need to be

React to this headline:

Loading spinner

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Read More »

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

access management, Delinea, Don't miss, enterprise, Hot stuff, News, PoC, privileged accounts, vulnerability, vulnerability disclosure /

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access 2024-04-15 at 14:46 By Zeljka Zorz Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret Server

React to this headline:

Loading spinner

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access Read More »

PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)

Don't miss, exploit, Fortra, Hot stuff, News, PoC, security update, vulnerability /

PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) 2024-03-19 at 14:01 By Helga Labus Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra FileCatalyst is an enterprise managed file transfer (MFT) software solution that includes several components: FileCatalyst Direct, Workflow, and

React to this headline:

Loading spinner

PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) Read More »

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)

Don't miss, endpoint management, Fortinet, Horizon3.ai, Hot stuff, News, PoC, SANS ISC, vulnerability /

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) 2024-03-14 at 16:36 By Zeljka Zorz A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet’s FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3’s Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and

React to this headline:

Loading spinner

Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788) Read More »

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)

Arcserve, backup, disaster recovery, Don't miss, enterprise, exploit, Hot stuff, News, PoC, SMBs, Tenable /

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) 2024-03-14 at 13:00 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system. Tenable researchers have published a PoC exploit script demonstrating the attack, as

React to this headline:

Loading spinner

PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800) Read More »

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

ConnectWise, Don't miss, exploit, Hot stuff, Huntress, MSP, News, Palo Alto Networks, PoC, remote access, remote management, Shadowserver, vulnerability, WatchTowr /

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) 2024-02-22 at 12:31 By Zeljka Zorz The two ScreenConnect vulnerabilities ConnectWise has recently urged customers to patch have finally been assigned CVE numbers: CVE-2024-1709 for the authentication bypass, CVE-2024-1708 for the path traversal flaw. ConnectWise has also released a newer version of ScreenConnect

React to this headline:

Loading spinner

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708) Read More »

Exploitation of Another Ivanti VPN Vulnerability Observed

exploited, Featured, Ivanti, PoC, Vulnerabilities /

Exploitation of Another Ivanti VPN Vulnerability Observed 2024-02-12 at 13:01 By Ionut Arghire Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins. The post Exploitation of Another Ivanti VPN Vulnerability Observed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Exploitation of Another Ivanti VPN Vulnerability Observed Read More »

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs

0-day, ACROS Security, Don't miss, Hot stuff, intrusion detection, logging, News, PoC, Windows, Windows Server /

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs 2024-01-31 at 18:31 By Zeljka Zorz A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for enterprise defenders. Discovered by a security researcher named Florian and

React to this headline:

Loading spinner

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs Read More »

PoC Exploit Published for Critical Jenkins Vulnerability

Jenkins, PoC, Vulnerabilities /

PoC Exploit Published for Critical Jenkins Vulnerability 2024-01-29 at 18:21 By Ionut Arghire PoC exploit code targeting a critical Jenkins vulnerability patched last week is already publicly available. The post PoC Exploit Published for Critical Jenkins Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

PoC Exploit Published for Critical Jenkins Vulnerability Read More »

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

Don't miss, exploit, Hot stuff, Jenkins, News, open source, PoC, security update, SonarSource, vulnerability /

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897) 2024-01-29 at 13:31 By Helga Labus Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based open-source automation server that helps

React to this headline:

Loading spinner

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897) Read More »

PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability

Fortra, GoAnywhere, PoC, Vulnerabilities /

PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability 2024-01-24 at 16:31 By Ionut Arghire PoC code exploiting a critical Fortra GoAnywhere MFT vulnerability gets published one day after public disclosure. The post PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability Read More »

PoC exploit for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204)

Don't miss, enterprise, file-sharing, Fortra, Horizon3.ai, Hot stuff, News, PoC, Shodan, SMBs, Tenable, vulnerability /

PoC exploit for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204) 2024-01-24 at 15:32 By Zeljka Zorz Proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere MFT solution has been made public, sparking fears that attackers may soon take advantage of it. Fortra’s GoAnywhere MFT is a web-based managed file transfer solution

React to this headline:

Loading spinner

PoC exploit for easily exploitable Fortra GoAnywhere MFT vulnerability released (CVE-2024-0204) Read More »

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)

Akamai, Apache Struts, Don't miss, exploit, Hot stuff, News, PoC, Shadowserver, vulnerability /

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164) 14/12/2023 at 13:32 By Zeljka Zorz Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. “Attackers aim to deploy webshells, with some cases targeting the parameter ‘fileFileName’ – a deviation from the original

React to this headline:

Loading spinner

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164) Read More »

“Pool Party” process injection techniques evade EDRs

CrowdStrike, Cybereason, Don't miss, Endpoint Security, Hot stuff, Microsoft, News, Palo Alto Networks, PoC, research, SafeBreach, SentinelOne, threat detection, XDR /

“Pool Party” process injection techniques evade EDRs 12/12/2023 at 14:01 By Zeljka Zorz SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread pools, these process injection techniques work across all processes and, according to the

React to this headline:

Loading spinner

“Pool Party” process injection techniques evade EDRs Read More »

PoCs for critical Arcserve UDP vulnerabilities released

Arcserve, Data Protection, disaster recovery, Don't miss, enterprise, News, PoC, Tenable, vulnerability /

PoCs for critical Arcserve UDP vulnerabilities released 29/11/2023 at 17:46 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been published by Tenable researchers on Monday. The vulnerabilities Arcserve UDP is a popular enterprise data protection, backup and disaster recovery solution

React to this headline:

Loading spinner

PoCs for critical Arcserve UDP vulnerabilities released Read More »

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

data analytics, Don't miss, enterprise, Hot stuff, News, PoC, Splunk, vulnerability /

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) 27/11/2023 at 13:47 By Zeljka Zorz A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised to implement the provided patches or workarounds quickly. About CVE-2023-46214 Splunk Enterprise is a solution

React to this headline:

Loading spinner

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) Read More »

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

CISA, Don't miss, enterprise, exploit, Hot stuff, News, PoC, Sophos, vulnerability /

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) 20/11/2023 at 14:47 By Helga Labus CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability

React to this headline:

Loading spinner

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) Read More »

Atlassian Confluence data-wiping vulnerability exploited

Atlassian Confluence, Don't miss, GreyNoise, Hot stuff, News, PoC, Shadowserver /

Atlassian Confluence data-wiping vulnerability exploited 06/11/2023 at 13:19 By Zeljka Zorz Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP addresses testing for the flaw in internet-facing Confluence installations. From security updates

React to this headline:

Loading spinner

Atlassian Confluence data-wiping vulnerability exploited Read More »

Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)

Apache ActiveMQ, Don't miss, Hot stuff, News, PoC, Ransomware, Rapid7, security update, vulnerability /

Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604) 02/11/2023 at 17:01 By Zeljka Zorz Ransomware-wielding attackers are trying to break into servers running outdated versions of Apache ActiveMQ by exploiting a recently fixed vulnerability (CVE-2023-46604). “Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two

React to this headline:

Loading spinner

Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604) Read More »

Scroll to Top