Collaborate Disseminate
Veeam has patched four vulnerabilities in Backup Enterprise Manager (VBEM), one of which (CVE-2024-29849) may allow attackers to bypass authentication and log in to its web interface as any user. With no user interaction required for remote exploitatio… Continue reading Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)
Technical details about and a proof-of-concept (PoC) exploit for CVE-2024-22026, a privilege escalation bug affecting Ivanti EPMM, has been released by the vulnerability’s reporter. About CVE-2024-22026 Ivanti Endpoint Manager Mobile (formerly Mo… Continue reading PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026)
The US Justice Department had unsealed charges against a US woman and an Ukranian man who, along with three unidentified foreign nationals, have allegedly helped North Korean IT workers work remotely for US companies under assumed US identities and thu… Continue reading US exposes scheme enabling North Korean IT workers to bypass sanctions
Researchers have brought to light a new attack method – dubbed TunnelVision and uniquely identified as CVE-2024-3661 – that can be used to intercept and snoop on VPN users’ traffic by attackers who are on the same local network. ̶… Continue reading Attackers may be using TunnelVision to snoop on users’ VPN traffic (CVE-2024-3661)
Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure out digital lives. Despite decades of often-repeated statements proclaiming the deat… Continue reading Microsoft, Google widen passkey support for its users
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software’s network monitoring/analysis and security solution, have been published. The critical vulnerab… Continue reading PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The vulnerability allows attackers to escape their virtual file system and download system fi… Continue reading CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. “Device teleme… Continue reading Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret… Continue reading A critical vulnerability in Delinea Secret Server allows auth bypass, admin access
Research has found that criminals can demand higher ransom when they compromise an organisation’s backup data in a ransomware attack. Discover advice from security experts on how to properly protect your backup. Continue reading Sophos Study: 94% of Ransomware Victims Have Their Backups Targeted By Attackers