F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)

Eclypsium researchers have published details and PoC exploits for two remotely exploitable injection vulnerabilities (CVE-2024-21793, CVE-2024-26026) affecting F5’s BIG-IP Next Central Manager. About the vulnerabilities BIG-IP Next is “a complete… Continue reading F5 fixes BIG-IP Next Central Manager flaws with public PoCs (CVE-2024-21793, CVE-2024-26026)

Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661)

Researchers have brought to light a new attack method – dubbed TunnelVision and uniquely identified as CVE-2024-3661 – that can be used to intercept and snoop on VPN users’ traffic by attackers who are on the same local network. &#822… Continue reading Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661)

Veeam fixes RCE flaw in backup management platform (CVE-2024-29212)

Veeam has patched a high-severity vulnerability (CVE-2024-29212) in Veeam Service Provider Console (VSPC) and is urging customers to implement the patch. About CVE-2024-29212 Veeam Service Provider Console is a cloud platform used by managed services p… Continue reading Veeam fixes RCE flaw in backup management platform (CVE-2024-29212)

Why cloud vulnerabilities need CVEs

When considering vulnerability management’s purpose in a modern world, it’s imperative to recognize the huge transition to new technologies and how you manage risk within these different paradigms and environments (e.g., the cloud). Patch network… Continue reading Why cloud vulnerabilities need CVEs

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)

For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher ap… Continue reading Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system fi… Continue reading CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)

The newest version of Ivanti Avalanche – the company’s enterprise mobile device management (MDM) solution – carries fixes for 27 vulnerabilities, two of which (CVE-2024-29204, CVE-2024-24996) are critical and may allow a remote unauth… Continue reading Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)

Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988)

On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked as exploited, but Peter Girnus, senior threat researcher with Trend Micro&#821… Continue reading Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988)