vulnerability - Security Ticks

QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358)

Don't miss, enterprise, Hot stuff, NAS, News, Palo Alto Networks, QNAP, Rapid7, security update, SMBs, vulnerability / SecurityTicks

QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358) 2024-02-14 at 12:46 By Zeljka Zorz QNAP Systems has patched two unauthenticated OS command injection vulnerabilities (CVE-2023-47218, CVE-2023-50358) in various versions of the operating systems embedded in the firmware of their popular network-attached storage (NAS) devices. About the vulnerabilities (CVE-2023-47218, CVE-2023-50358) Both vulnerabilities […]

React to this headline:

QNAP fixes OS command injection flaws affecting its NAS devices (CVE-2023-47218, CVE-2023-50358) Read More »

Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351)

0-day, APT, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, MS Office, News, Tenable, Trend Micro, vulnerability / SecurityTicks

Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351) 2024-02-13 at 22:01 By Zeljka Zorz On February 2024 Patch Tuesday, Microsoft has delivered fixes for 72 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-21412, CVE-2024-21351) that are being leveraged by attackers in the wild. About CVE-2024-21412 and CVE-2024-21351 CVE-2024-21412 allows attackers to bypass the Microsoft Defender SmartScreen

React to this headline:

Microsoft patches two zero-days exploited by attackers (CVE-2024-21412, CVE-2024-21351) Read More »

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893)

backdoor, Don't miss, exploit, Hot stuff, Ivanti, News, Orange Cyberdefense, vulnerability / SecurityTicks

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893) 2024-02-13 at 13:01 By Helga Labus Hackers are actively exploiting a vulnerability (CVE-2024-21893) in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a “previously unknown and interesting backdoor” dubbed DSLog. CVE-2024-21893 patches and exploitation Ivanti disclosed CVE-2024-21893 – a server-side request

React to this headline:

Attackers injected novel DSLog backdoor into 670 vulnerable Ivanti devices (CVE-2024-21893) Read More »

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770)

CISA, Don't miss, Hot stuff, News, Roundcube, vulnerability / SecurityTicks

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770) 2024-02-13 at 11:46 By Zeljka Zorz CVE-2023-43770, a vulnerability in the Roundcube webmail software that has been fixed in September 2023, is being exploited by attackers in the wild, CISA has warned by adding the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-43770 Roundcube is

React to this headline:

Roundcube webmail XSS vulnerability exploited by attackers (CVE-2023-43770) Read More »

Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762)

Don't miss, Fortinet, Hot stuff, News, Rapid7, security update, vulnerability / SecurityTicks

Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762) 2024-02-12 at 21:01 By Zeljka Zorz Fortinet has patched critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313), one of which is “potentially” being exploited in the wild. The exploitation-in-the-wild has been confirmed by CISA, by adding it to its Known Exploited Vulnerabilities (KEV) catalog, though

React to this headline:

Critical Fortinet FortiOS flaw exploited in the wild (CVE-2024-21762) Read More »

Akira, LockBit actively searching for vulnerable Cisco ASA devices

Cisco, Don't miss, enterprise, exploit, GreyNoise, Hot stuff, News, Ransomware, Truesec, vulnerability / SecurityTicks

Akira, LockBit actively searching for vulnerable Cisco ASA devices 2024-02-08 at 14:31 By Zeljka Zorz Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. They are targeting vulnerabilities for which patches have been made available in 2020 and 2023.

React to this headline:

Akira, LockBit actively searching for vulnerable Cisco ASA devices Read More »

Chinese hackers breached Dutch Ministry of Defense

Don't miss, EU, Fortinet, Government, government-backed attacks, Hot stuff, Malware, News, Remote Access Trojan, vulnerability / SecurityTicks

Chinese hackers breached Dutch Ministry of Defense 2024-02-07 at 16:46 By Helga Labus Chinese state-sponsored hackers have breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. “The effects of the intrusion were limited because the victim network was segmented from the

React to this headline:

Chinese hackers breached Dutch Ministry of Defense Read More »

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability

Linux, Vulnerabilities, vulnerability / SecurityTicks

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability 2024-02-07 at 16:31 By Ionut Arghire A critical remote code execution vulnerability in Shim could allow attackers to take over vulnerable Linux systems. The post Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability Read More »

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)

continuous integration, Don't miss, Hot stuff, JetBrains, News, security update, vulnerability / SecurityTicks

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917) 2024-02-07 at 12:31 By Helga Labus JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About CVE-2024-23917 CVE-2024-23917 could allow an unauthenticated threat actor with HTTP(S) access to a TeamCity server to bypass authentication controls and gain administrative

React to this headline:

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917) Read More »

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

Don't miss, exploit, Hot stuff, Ivanti, News, Shadowserver, vulnerability / SecurityTicks

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) 2024-02-07 at 12:16 By Zeljka Zorz CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attackers to bypass authentication requirements and access certain restricted

React to this headline:

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) Read More »

Spoutible API exposed encrypted password reset tokens, 2FA secrets of users

account hijacking, API security, data breach, Don't miss, Hot stuff, News, social media, Spoutible, vulnerability / SecurityTicks

Spoutible API exposed encrypted password reset tokens, 2FA secrets of users 2024-02-06 at 16:33 By Helga Labus A publicly exposed API of social media platform Spoutible may have allowed threat actors to scrape information that can be used to hijack user accounts. The problem with the Spoutible API Security consultant Troy Hunt has been tipped

React to this headline:

Spoutible API exposed encrypted password reset tokens, 2FA secrets of users Read More »

Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)

account hijacking, Cure53, Don't miss, Hot stuff, Mastodon, News, security update, social media, vulnerability / SecurityTicks

Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832) 2024-02-06 at 12:02 By Zeljka Zorz Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon servers out there have been upgraded to close the hole. About Mastodon Mastodon is open-source (server) software for

React to this headline:

Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832) Read More »

‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others

cloud security, container, Docker, Vulnerabilities, vulnerability / SecurityTicks

‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others 2024-02-01 at 18:01 By Eduard Kovacs Snyk discloses information on Leaky Vessels, several potentially serious container escape vulnerabilities affecting Docker and others. The post ‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others Read More »

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

Akamai, botnet, Don't miss, exploit, Hot stuff, Linux, Log4j, Malware, News, vulnerability / SecurityTicks

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities 2024-02-01 at 17:31 By Helga Labus The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in August 2020, is

React to this headline:

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities Read More »

Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527)

exploit, vulnerability / SecurityTicks

Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) 2024-01-30 at 17:15 By neetha871ad236bd Cyble’s Global Sensor Intelligence (CGSI) network picks up scanning attempts aiming to exploit a recent Vulnerability in Atlassian Confluence. The post Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) appeared first on Cyble. The post Active Exploitation of Atlassian Confluence RCE Vulnerability

React to this headline:

Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) Read More »

Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527)

Annoucement, exploit, vulnerability / SecurityTicks

Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) 2024-01-30 at 16:02 By neetha871ad236bd There is no excerpt because this is a protected post. The post Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) appeared first on Cyble. The post Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) appeared first on Cyble. This

React to this headline:

Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) Read More »

Self-managed GitLab installations should be patched again (CVE-2024-0402)

DevOps, Don't miss, GitLab, Hot stuff, News, security update, software development, vulnerability / SecurityTicks

Self-managed GitLab installations should be patched again (CVE-2024-0402) 2024-01-30 at 14:02 By Zeljka Zorz Less than two weeks after having plugged a security hole that allows account takeover without user interaction, GitLab Inc. has patched a critical vulnerability (CVE-2024-0402) in GitLab CE/EE again and is urging users to update their installations immediately. GitLab Inc. operates

React to this headline:

Self-managed GitLab installations should be patched again (CVE-2024-0402) Read More »

Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution

Vulnerabilities, vulnerability / SecurityTicks

Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution 2024-01-29 at 18:21 By Ionut Arghire Two memory safety vulnerabilities in WatchGuard and Panda Security products could lead to code execution with System privileges. The post Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution Read More »

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

Don't miss, exploit, Hot stuff, Jenkins, News, open source, PoC, security update, SonarSource, vulnerability / SecurityTicks

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897) 2024-01-29 at 13:31 By Helga Labus Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based open-source automation server that helps

React to this headline:

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897) Read More »

Critical Jenkins Vulnerability Leads to Remote Code Execution

Vulnerabilities, vulnerability / SecurityTicks

Critical Jenkins Vulnerability Leads to Remote Code Execution 2024-01-26 at 14:02 By Ionut Arghire A critical vulnerability in Jenkins’ built-in CLI allows remote attackers to obtain cryptographic keys and execute arbitrary code. The post Critical Jenkins Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Critical Jenkins Vulnerability Leads to Remote Code Execution Read More »