PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)

A critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) has been patched; a PoC exploit is already available online. While there’s currently no reports of in-the-wild exploitation, enterprise admins are advised to p… Continue reading PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276)

75% of new vulnerabilities exploited within 19 days

Last year alone, over 30,000 new vulnerabilities were published, with a new vulnerability emerging approximately every 17 minutes — averaging 600 new vulnerabilities per week, according to Skybox Security. The report highlights a critical gap in remedi… Continue reading 75% of new vulnerabilities exploited within 19 days

Hackaday Links: June 23, 2024

Hackaday Links Column Banner

When a ransomware attack targets something like a hospital, it quickly becomes a high-profile event that understandably results in public outrage. Hospitals are supposed to be backstops for society, a …read more Continue reading Hackaday Links: June 23, 2024

Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitat… Continue reading Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)

VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation. “A malicious actor with network access to vCenter Server may tr… Continue reading Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)

Mass exploitation is the new primary attack vector for ransomware

The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation, according to WithSecure. Edge service KEV vulnerability trends 64% of all edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) in the Known Expl… Continue reading Mass exploitation is the new primary attack vector for ransomware

PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)

An OS command injection vulnerability in Windows-based PHP (CVE-2024-4577) in CGI mode is being exploited by the TellYouThePass ransomware gang. Imperva says the attacks started on June 8, two days after the PHP development team pushed out fixes, and o… Continue reading PHP command injection flaw exploited to deliver ransomware (CVE-2024-4577)

Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)

June 2024 Patch Tuesday is here and Microsoft has delivered fixes for a critical MSMQ flaw (CVE-2024-30080) and a RCE vulnerability in Microsoft Outlook (CVE-2024-30103). 49 CVE-numbered vulnerabilities have been fixed in total, none of which have been… Continue reading Microsoft fixes RCE vulnerabilities in MSMQ, Outlook (CVE-2024-30080, CVE-2024-30103)

Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)

JetBrains has fixed a critical vulnerability (CVE-2024-37051) that could expose users of its integrated development environments (IDEs) to GitHub access token compromise. About CVE-2024-37051 JetBrains offers IDEs for various programming languages. CVE… Continue reading Users of JetBrains IDEs at risk of GitHub access token compromise (CVE-2024-37051)