A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in
194 search results for "Vulnerability"
Chinese cyber espionage, Cloud Security, Cybersecurity, Data Security, Endpoint, Exploits, Global Security News, ivanti, malware, Network Security, News, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threat Intelligence, vulnerabilities
Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability
Software maker Ivanti, which for more than a year has been plagued by security flaws in its appliance, unveiled two new ones this week, with Mandiant researchers saying that one likely is being activity exploited by China-linked threat groups. The post Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability appeared first on Security Boulevard.
Exploits, Global Security News, Network Security, Vulnerabilities
SonicWall firewall hit with critical authentication bypass vulnerability
SonicWall is warning customers of a severe vulnerability in its SonicOS SSLVPN with high exploitability that remote attackers could use to bypass authentication. The bug is an improper authentication vulnerability in the SSL VPN authentication mechanism, according to emails sent to customers and published on SonicWall’s official subreddit. “We have identified a high (severity) firewall…
Global Security News, North America
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.
Exploits, Generative AI, Penetration Testing, Security, Threat and Vulnerability Management, Vulnerabilities, Global Security News
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Generative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise. Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and…
Blog, CVE-2024-49113, Emergency Response, Global Security News, Security Bloggers Network, Windows LDAP
Windows LDAP Denial of Service Vulnerability (CVE-2024-49113) Alert
Overview Recently, NSFOCUS CERT detected that the details of Windows LDAP remote code execution vulnerability (CVE-2024-49113) were disclosed. Due to an out-of-bounds read vulnerability in wldap32.dll of Windows LDAP service, an unauthenticated attacker can induce a target server (as an LDAP client) to initiate a query request to a malicious LDAP server controlled by the…
Global Security News, Security, Vulnerabilities
Open source vulnerability scanner found with a serious vulnerability in its own code
A widely popular open-source tool, Nuclei, used for scanning vulnerabilities and weaknesses in websites, cloud applications, and networks is found to have a high-severity flaw that could potentially allow attackers to execute malicious codes on local systems. The flaw tracked as CVE-2024-43405 is assigned a CVSS score of 7.4 out of 10 and is said…
Exploits, Global Security News
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than…
Best of 2024, CISA cybersecurity advisory, Cisco network device security, critical Cisco vulnerabilities 2024, Cybersecurity News, Exploits, Global Security News, password-cracking attacks, Smart Software Manager On-Prem flaw
Best of 2024: Cisco Vulnerability: CISA Alerts Of Smart Install Exploits
In light of recent cybercrime incidents, the United States (US) Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert pertaining to a Cisco vulnerability. As per recent reports, the Cisco vulnerability prevails within the Smart Install (SMI) feature and can be exploited for access to sensitive data. In this article, we’ll explore the vulnerability…
Best of 2024, Global Security News, Top CVE Vulnerabilties, vulnerabilities, vulnerability intelligence, Vulnerability Management
Best of 2024: CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability
In a recent security advisory, Microsoft disclosed a high-severity vulnerability identified as CVE-2024-38063. This critical Remote Code Execution (RCE) flaw, rated with a CVSS score of 9.8, poses a significant… The post CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability appeared first on Strobes Security. The post Best of 2024: CVE-2024-38063: An…
Adobe, Adobe ColdFusion, Blog, CVE-2024-53961, Emergency Response, Global Security News, Security Bloggers Network
Adobe ColdFusion Any File Read Vulnerability (CVE-2024-53961)
Overview Recently, NSFOCUS CERT detected that Adobe issued a security announcement and fixed any file read vulnerability in Adobe ColdFusion (CVE-2024-53961). Due to improper restrictions on pathnames in Adobe ColdFusion, unauthenticated attackers can bypass the application’s restrictions to read files or directories outside of the restricted directory. As a result, sensitive information may be disclosed…
Exploits, Global Security News
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. The SQL injection vulnerability, tracked as CVE-2024-45387, is rated 9.9 out of 10.0 on the CVSS scoring system.…
Exploits, Global Security News
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that
Global Security News
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks
The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under certain conditions. The vulnerability, tracked as CVE-2024-56337, has been described as an incomplete mitigation for CVE-2024-50379 (CVSS score: 9.8), another critical security flaw in the same…
Global Security News
How to Protect Your Environment from the NTLM Vulnerability
This Tech Tip outlines what enterprise defenders need to do to protect their enterprise environment from the new NTLM vulnerability.
Application Detection and Response (ADR), CISA Log4Shell, Contrast One, Global Security News, Log4j Vulnerability, Log4Shell attacks, Log4Shell exploit, Log4Shell remediation, managed security service providers, open source security risks, SBOM, Security Bloggers Network, software supply chain security, Third-party software vulnerabilities, vulnerabilities, Vulnerability Management
Log4Shell Vulnerability | Why it Still Exists and How to Protect Yourself | Contrast Security
Three years ago, Log4Shell was the worst holiday gift ever for security teams, particularly given that it was wrapped in a CISA order to patch by Christmas Eve. The post Log4Shell Vulnerability | Why it Still Exists and How to Protect Yourself | Contrast Security appeared first on Security Boulevard.
Exploits, Global Security News
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending…
Exploits, Global Security News
Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack
A Morphisec researcher showed how an attacker could manipulate FIRST’s Exploit Prediction Scoring System (EPSS) using AI
Blog, Global Security News, Security Bloggers Network
Turning Insights into Action: The Importance of Vulnerability Remediation after VAPT
Vulnerability Assessment and Penetration Testing (VAPT) has become an essential practice for organizations aiming to secure their digital assets. However, identifying vulnerabilities is only half the battle; the real challenge lies in addressing them effectively. This is where vulnerability remediation comes into play. It is the critical step that turns insights from VAPT into actionable…
Exploits, Global Security News
2024 Threat Landscape: Ransomware Activity, Vulnerability Exploits, and Attack Trends
GUEST OPINION: Now we’ve reached the end of another year, you may be looking around the cybersecurity infosphere and seeing a glut of posts offering “hot takes” on the 2024 threat landscape and predictions about what’s coming next. At Rapid7, we don’t truck in hot takes, but rather, cold hard facts. Staying ahead of adversaries…
Exploits, Global Security News
Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection
A security flaw has been disclosed in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and…
AppSec, Explainers, Global Security News, Security Bloggers Network
What Is an Application Vulnerability? 8 Common Types
Every application is susceptible to attacks, but web applications are more vulnerable than others. They interact with more networks and users—and every interaction is a risk. Any flaws or errors can lead to serious problems like unauthorized access, stolen data, and service disruptions. Whether you run a small team or manage a large organization, staying…
Explainers, Exploits, Global Security News, Security Bloggers Network, Threats
What’s a Zero-Day Vulnerability? Prevent Exploits and Attacks
Zero-day vulnerabilities are serious threats. They’re completely unknown to both the vendor and the user. That gives attackers a significant advantage, allowing them to attack systems before patches are available. The post What’s a Zero-Day Vulnerability? Prevent Exploits and Attacks appeared first on Security Boulevard.
Advanced Persistent Threats, Black Hat, Threat and Vulnerability Management, Vulnerabilities, Exploits, Global Security News
Security researchers find deep flaws in CVSS vulnerability scoring system
The industrywide method for assessing the severity of vulnerabilities in software and hardware needs to be revised because it provides potential misleading severity assessment, delegates at Black Hat Europe were told Thursday. The Common Vulnerability Scoring System (CVSS) makes use of various metrics to quantify vulnerability severity. A presentation at Black Hat by cybersecurity experts…
Apple, CXO, Global Security News, Google, linux, Microsoft, mozilla, Security, Software, vulnerabilities
Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others
December marked a quiet month with 70 vulnerabilities patched, plus updates from outside of Microsoft.
Exploits, Global Security News
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the…
Exploits, Global Security News
Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts…
Emerging Tech, Global Security News
Large-Scale Incidents & the Art of Vulnerability Prioritization
We can anticipate a growing number of emerging vulnerabilities in the near future, emphasizing the need for an effective prioritization strategy.
Global Security News
Vulnerability Management Challenges in IoT & OT Environments
By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.
Global Security News
Want to Grow Vulnerability Management into Exposure Management? Start Here!
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident. At its core, Vulnerability Management
Global Security News
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk…
Exploits, Global Security News, Security
CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA tagged a vulnerability in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. […]
Global Security News
Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw
The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.
Apple, Global Security News, Microsoft, Security
Microsoft: macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. […]
Cloud, Exploits, Global Security News, Security
Hackers exploit critical Aviatrix Controller RCE flaw in attacks
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. […]
Global Security News, Security
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. […]
Exploits, Global Security News, privacy roundup, Security Bloggers Network
Privacy Roundup: Week 2 of Year 2025
This is a news item roundup of privacy or privacy-related news items for 5 JAN 2025 – 11 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
Cybersecurity, Global IT News, Global Security News, hacking, ivanti, nominet, Security, zero day
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks
Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of an “ongoing security incident” under investigation. Nominet said hackers accessed its systems via “third-party VPN…
critical infrastructure, cyber hygiene, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, vulnerabilities
CISA report touts cyber hygiene enrollment surge for critical infrastructure orgs
The Cybersecurity and Infrastructure Security Agency has seen a surge in its Cyber Hygiene (CyHy) service enrollment from critical infrastructure organizations over a two-year period, with the communications sector representing the biggest jump. In a report released Friday, CISA said an analysis of the 7,791 critical infrastructure organizations enrolled in the agency’s vulnerability scanning service…
Exploits, Global Security News, Security
2025 Cybersecurity and AI Predictions
The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
attack surface, Commentary, Exploits, Global Security News, security theater
What is ‘security theater’ and how can we move beyond it?
Conventional wisdom assumes that the more vulnerabilities a security tool flags, the easier it will be for a company to secure its infrastructure. In theory, layering more tools into a tech stack should equal more effective attack surface monitoring, right? Well, reality isn’t quite panning out like that. If anything, tool sprawl has created an…
Global Security News
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote
Global Security News
Fake PoC Exploit Targets Security Researchers with Infostealer
Trend Micro detailed how attackers are using a fake proof-of-concept for a critical Microsoft vulnerability, designed to steal sensitive data from security researchers
Business IT Alignment, Compliance, CSO and CISO, IT Leadership, Regulation, Global Security News
SEC rule confusion continues to put CISOs in a bind a year after a major revision
Confusion around when and how to report cybersecurity breaches continues to plague companies a year after revised US Securities and Exchange Commission (SEC) cybersecurity breach reporting rules came into effect, experts say. As the agency that regulates and enforces federal US securities laws continues to flex its enforcement muscles against organizations that violate the strict…
Global Security News, Risk Management
6 Risk-Assessment-Frameworks im Vergleich
Mit dem richtigen Framework lassen sich Risiken besser ergründen. FOTOGRIN – shutterstock.com Für viele Geschäftsprozesse ist Technologie inzwischen unverzichtbar. Deshalb zählt diese auch zu den wertvollsten Assets eines Unternehmens. Leider stellt sie gleichzeitig jedoch auch eines der größten Risiken dar – was Risk-Assessment-Frameworks auf den Plan ruft. IT-Risiken formal zu bewerten, ermöglicht es Organisationen, besser einzuschätzen,…
Cyberattacks, Malware, Exploits, Global Security News
Legitimate PoC exploited to spread information stealer
A recently copied and abused open source proof of concept (PoC) exploit from a reputable security company, aimed at helping threat researchers, is the latest example of the novel tactics hackers will use to spread malware. PoCs for known vulnerabilities are created to be shared by students, researchers, and IT pros to improve software and…
Exploits, Global Security News, Malware, Vulnerabilities, Zero-day vulnerability
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks,…
Botnets, DDoS, Exploits, Global Security News
New Mirai botnet targets industrial routers
According to security analysis, the Gayfemboy botnet, based on the notorious Mirai malware, is currently spreading around the world. Researchers from Chainxin X Lab found that cybercriminals have been using the botnet since November 2024 to attack previously unknown vulnerabilities. The botnet’s preferred targets include Four-Faith and Neterbit routers or smart home devices. Experts from VulnCheck reported at the end…
Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), exploit, Exploits, Global Security News, ivanti, malware, Mandiant, SPAWN, UNC5221, UNC5337, vulnerabilities, zero days
New zero-day exploit targets Ivanti VPN product
A year after a series of vulnerabilities impacting a pair of Ivanti VPN products prompted an emergency directive from the Cybersecurity and Infrastructure Security Agency to federal agencies, the Utah-based software firm is again experiencing issues with one of its signature systems. The company on Wednesday disclosed two vulnerabilities — CVE-2025-0282 and CVE-2025-0283 — that…
Exploits, Global Security News, Security
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not currently associated with any threat group. […]
Cybersecurity, Exploits, Global Security News, hack, ivanti, Security, VPN, vulnerability
Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December. © 2024 TechCrunch. All rights reserved. For personal use only.
Cyberattacks, Security, Vulnerabilities, Exploits, Global Security News
China-linked hackers target Japan’s national security and high-tech industries
Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) have exposed a long-running cyber espionage campaign, “MirrorFace” (also known as Earth Kasha), allegedly linked to China. The campaign, operational since 2019, has targeted Japanese organizations, businesses, and individuals, primarily to exfiltrate sensitive data related to national security…
Exploits, Global Security News
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE). The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could…
Enterprise Buyer’s Guides, Incident Response, Unified Threat Management, Global Security News
SOAR buyer’s guide: 11 security orchestration, automation, and response products — and how to choose
Security orchestration, automation, and response (SOAR) has undergone a major transformation in the past few years. Features in each of the words in its description that were once exclusive to SOAR have bled into other tools. For example, responses can be found now in endpoint detection and response (EDR) tools. Orchestration is now a joint…
Exploits, Global Security News
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version…
Exploits, Global Security News, Network Security, Threat and Vulnerability Management, Zero-day vulnerability
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
IT software provider Ivanti released patches Wednesday for its Connect Secure SSL VPN appliances to address two memory corruption vulnerabilities, one of which has already been exploited in the wild as a zero-day to compromise devices. The exploited vulnerability, tracked as CVE-2025-0282, is a stack-based buffer overflow rated as critical with a CVSS score of…
Cyberattacks, Data Breach, Global Security News
UN agency’s job application database breached, 42,000 records stolen
The International Civil Aviation Organization (ICAO) on Tuesday said that it is “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations,” and has initially concluded that “approximately 42,000 recruitment application data records from April 2016 to July 2024” were stolen. In its initial statement,…
Exploits, Global Security News, Medical Devices, Supply Chain, Vulnerabilities
DNA sequencer vulnerabilities signal firmware issues across medical device industry
In highlighting vulnerabilities in a widely used DNA gene sequencing device, security researchers have brought further attention to the likely poor state of security in the medical device industry, where hardware and firmware development is often outsourced to external equipment manufacturers under questionable support contracts. The device, Illumina’s iSeq 100 compact DNA sequencer, is used…
Exploits, Global Security News, Security
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. […]
Exploits, Global Security News, Security
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.” […]
Exploits, Global Security News, Security
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. […]
Communications Security, Vulnerabilities, Exploits, Global Security News
Critical Mitel, Oracle flaws find active exploitation, CISA urges patching
Attackers are actively expoiting flaws in Mitel MiCollab flaws to gain unauthorized access to sensitive system files, the US Cybersecurity and Infrastructure Security Agency (CISA) has warned. On Tuesday the agency added two path traversal vulnerabilities in the widely used communication platform to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of exploitation. “These type…
Exploits, Global Security News
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild
On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device.
Data Breach, Security, Europe, Global Security News
The biggest data breach fines, penalties, and settlements so far
Sizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data. Hit with a $ 1.3 billion fine for unlawfully transferring personal data from the European Union to the US, Meta tops the list of recent big-ticket sanctions, with…
Exploits, Global Security News
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow…
business, channel, channel business model, Cybersecurity, Global Security News, MSPs, MSSPs, Partners, Security
Managed Patch Management: An Opportunity for MSPs
There are various methods to protect against unauthorized access to your company’s networks, and patch management is a simple way to address security vulnerabilities or bugs in the system. Maintaining network security through updates and patches can improve your customers’ experience with their technology, and ensure your services remain valuable to the businesses that you…
Emerging Tech, Global Security News, Security Bloggers Network
Agents, Robotics, and Auth – Oh My! | Impart Security
Agents, Robotics, and Auth – Oh My! Introduction 2025 will be the year of the futurist. I never thought that I’d be writing a blog post about AI and robotics at this point in my career, but technology has advanced so much in the lat 12 months setting up 2025 to be a landmark year…
Android, CVE, Cybersecurity, Global Security News, MediaTek, Qualcomm, Samsung, vulnerabilities
Android patches several vulnerabilities in first security update of 2025
Android has released its first security update of the year, disclosing several critical and high-severity vulnerabilities that affect a wide range of Android devices. The bulletin identifies five critical remote code execution (RCE) vulnerabilities affecting what Android categorizes as the “system,” which encompasses Android’s core components and underlying architecture. These vulnerabilities could allow attackers to…
Advanced Persistent Threats, Cyberattacks, Hacker Groups, Global Security News
Chinesische Hacker attackieren US-Finanzministerium
Die IT-Security im US-Finanzministerium dürfte angesichts des chinesischen Hackerangriffs wenig erholsame Weihnachtsferien gehabt haben. Mark Gomez / Shutterstock Zum Jahreswechsel musste das US-amerikanische Finanzministerium einräumen, dass es Hackern offenbar gelungen war, in Rechner der Behörde einzudringen und dort Dokumente sowie Daten zu stehlen. Noch ist nicht klar, wie viele Systeme von dem Angriff betroffen waren…
Global Security News
Moxa Alerts Users to High-Severity Vulnerabilities in Cellular and Secure Routers
Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution. The list of vulnerabilities is as follows – CVE-2024-9138 (CVSS 4.0 score: 8.6) – A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain
Global Security News, Government IT, Military, Security Infrastructure, Security Practices
US military allocated about $30 billion to spend on cybersecurity in 2025
The United States military will receive about $30 billion in cybersecurity funding in fiscal 2025 from $895.2 billion earmarked for US military activities under the National Defense Authorization Act (NDAA), an annual piece of must-pass legislation signed by President Joe Biden last month. The nearly 1,000-page bill’s budget doesn’t enable clear-cut or quick calculations of…
CVE, Cybersecurity, Exploits, Global Security News, industrial control systems (ICS), industrial IoT (IIoT), Moxa, Threats, vulnerabilities
Industrial networking manufacturer Moxa reports ‘critical’ router bugs
Firmware in cellular routers, secure routers and network security appliances made by Moxa are vulnerable to a pair of high severity bugs that can escalate privileges for an attacker, give root-level access or allow for unauthorized execution of commands. In a pair of CVEs published Jan. 3, Moxa called the flaws “critical” and warned they…
business, channel, Global Security News, News and Trends, services, US Channel News
HackerOne Now Available on the AWS Marketplace, Expands Access Through Channel
HackerOne’s security platform leverages AI-driven and researcher-led continuous testing to target vulnerabilities found throughout an organization’s posture. Now, the platform and tools are available through the AWS marketplace. Channel Insider spoke with HackerOne Vice President of Global Channels John Addeo to learn more about its AWS partnership and how the company plans to reimagine its…
Global Security News, Hardware, Security
Vulnerable Moxa devices expose industrial networks to attacks
Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances. […]
Global Security News
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [6 Jan]
Every tap, click, and swipe we make online shapes our digital lives, but it also opens doors—some we never meant to unlock. Extensions we trust, assistants we rely on, and even the codes we scan are turning into tools for attackers. The line between convenience and vulnerability has never been thinner. This week, we dive…
Cloud Security, Global Security News
7 fundamentale Cloud-Bedrohungen
Dieser Artikel hilft, Unsicherheiten in Cloud-Umgebungen vorzubeugen. Foto: Roman Samborskyi | shutterstock.com Für jedes Unternehmen, das sich auf die Cloud verlässt, um Services bereitzustellen, steht Cybersicherheit ganz oben auf der Prioritätenliste. Allerdings stellen Anwender in der Regel schnell fest, dass das leichter gesagt als getan ist. Zumindest, wenn Daten und Unternehmens-Assets über die gesamte Online-Infrastruktur…
Global Security News, Security
Nuclei flaw bypasses template signature checks to execute code
A new vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]
Global Security News, Security
Nuclei flaw bypasses template signature checks to execute commands
A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]
Global Security News, Security
Nuclei flaw lets malicious templates bypass signature verification
A now-fixed vulnerability in the open-source vulnerability scanner Nuclei could potentially allow attackers to bypass signature verification while sneaking malicious code into templates that execute on local systems. […]
Exploits, Global Security News, privacy roundup, Security Bloggers Network
Privacy Roundup: Week 1 of Year 2025
This is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
Active Directory, Vulnerabilities, Windows Security, Exploits, Global Security News
Critical Windows LDAP flaw could lead to crashed servers, RCE attacks
Researchers have published a proof-of-concept exploit for a pair of Windows Lightweight Directory Access Protocol (LDAP) flaws that could lead to server crashes or remote code execution (RCE) on Windows servers. “Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational computer networks,” noted researchers at security firm SafeBreach,…
Global Security News, Security
Bad Tenable plugin updates take down Nessus agents worldwide
Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates. […]
Global Security News
Thousands of Buggy BeyondTrust Systems Remain Exposed
Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say.
Advanced Persistent Threats, Government, Hacker Groups, Asia Pacific, Global Security News
US government sanctions Chinese cybersecurity company linked to APT group
The US Department of Treasury’s Office of Foreign Assets Control (OFAC) has issued sanctions against a Beijing cybersecurity company for its role in attacks attributed to a Chinese cyberespionage group known as Flax Typhoon. The company, called Integrity Technology Group (Integrity Tech), is accused of providing the computer infrastructure that Flax Typhoon used in its…
Best of 2024, Cybersecurity, firewalls, Global Security News, Security Awareness, Social - Facebook, Social - LinkedIn, Social - X, VPN's, zero trust
Best of 2024: If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door
Firewalls and VPN appliances are critical gateways. Like all on-prem systems, a vulnerability can lead to a compromise that is used to open the door for attackers. The post Best of 2024: If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door appeared first on Security Boulevard.
Exploits, Global Security News
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 (
Development Approaches, DevSecOps, Security Practices, Security Software, Software Development, Exploits, Global Security News
Secure by design vs by default – which software development concept is better?
As cybersecurity professionals, we need to know that the software products we acquire are safe and able to support or accommodate the procedures and tools we use to keep attackers at bay while performing their given functions. With attacks perennially on the rise and the software supply chain remaining as vulnerable as ever, there is…
Global Security News
Unpatched Active Directory Flaw Can Crash Any Microsoft Server
Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.
Cloud Security, Global Security News
Microsoft Sentinel: A cloud-native SIEM with integrated GenAI
In a recent survey, 74% of cybersecurity professionals said that the threat landscape is the worst they’ve seen in 5 years.[1] Escalating cyber threats, an expanding attack surface, and staffing shortages are putting tremendous pressure on the security operations center (SOC). It’s never been more important to have the right tools in place, especially when…
Global Security News
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May 2024. Two of the three shortcomings reside in Power Platform’s OData Web API Filter, while the third vulnerability…
business, channel, Global IT News, Global Security News, services, Tech Analysis
What Top Technologies IT Leaders Want From Solution Providers in 2025
Now that we’ve turned the page over to the new year, organizations will begin to set their sights on what technologies and services they should prioritize this year. Enterprises must deliver successful digital initiatives while navigating budget constraints. According to Gartner’s 2025 CIO Agenda, CIOs should aim to “grow the digital vanguard by making it…
Careers, Certifications, IT Skills, Security, Exploits, Global Security News
12 best entry-level cybersecurity certifications
A UC Berkeley professor recently made headlines when he stated that even his computer science graduates with a perfect 4.0 grade point average were failing to land jobs. Such is the labor market in the AI era. With AI coding assistants in wide use, junior developer roles are in jeopardy. The same may soon be…
Cyberattacks, Security, Europe, Global Security News
SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach
SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported large-scale attacks targeting Chrome Extension developers aimed at taking over the Chrome Extension from the Chrome Store. On December 25th, 2024, a malicious version of Cyberhaven’s browser extension was published on the Chrome Store that…
Exploits, Global Security News, Security Bloggers Network
LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112
SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability (CVE-2024-49112). The post LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112 appeared first on SafeBreach. The post LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112 appeared first on Security…
Global Security News
New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites
Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo. “Instead of relying on a single click, it takes advantage of a double-click sequence,” Yibelo said.
CISSP Domains and Guidance
The ISC2 (International Information System Security Certification Consortium) has several certifications, each with its own domains of knowledge. To give you the most relevant information, I need to know which certification you’re interested in. However, since the CISSP (Certified Information Systems Security Professional) is one of their most popular certifications, we provide those domains as…
Glossary of Sec and IT Terms
A comprehensive glossary explaining common cybersecurity and IT terms in simple language. Generative AI can easily compile and define such terms, making complex topics accessible to a wider audience. Here is a comprehensive glossary of terms used in cybersecurity and IT: General Terms Network Security Malware Password Management Ransomware Security Measures Software Security Threat Intelligence…
Top ~100 Open Source Security Tools
Explore the ultimate guide to the top 100 open-source security tools on Geek-Guy.com! Whether you’re a cybersecurity professional or an enthusiast, this comprehensive list offers powerful tools to enhance your digital defenses. Dive into detailed reviews, features, and expert insights to fortify your cybersecurity arsenal with the best open-source software available. Stay ahead of threats…
Blog, Data Security, data theft, digital supply chain, Exploits, Global Security News, Resources, Security Bloggers Network
CRITICAL ALERT: Sophisticated Google Domain Exploitation Chain Unleashed
by Source Defense A sophisticated attack chain targeting e-commerce payment flows has been prematurely exposed in a concerning development, highlighting the delicate balance between responsible disclosure and public safety. Discovered initially by Source Defense’s research team and responsibly disclosed to Google on November 19, 2024 (Issue ID: 379818473), this critical vulnerability has now been publicly…
Cyberattacks, Hacking, Security, Exploits, Global Security News
Top 12 ways hackers broke into your systems in 2024
In 2024, hackers had a field day finding sneaky ways into systems — from convincing phishing scams that played on human curiosity to brutal software flaws that exposed gaps in tech upkeep. It was a year of clever breaches, showing just how wide the gap is between user habits and security practices. “While every year…