Collaborate Disseminate
Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users’ devices. CVE-2024-5921 CVE-202… Continue reading Researchers reveal exploitable flaws in corporate VPN clients
A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want their files decrypted. The GoZone HTML ransom note (Source: SonicWall) The ra… Continue reading GoZone ransomware accuses and threatens victims
American Water, the largest water and wastewater utility company in the US, has shut down some of its systems following a cyberattack. While the company confirmed that none of its water or wastewater facilities or operations have been negatively affect… Continue reading American Water shuts down systems after cyberattack
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting SonicWall’s firewalls – to its Known Exploited Vulnerabilities catalog, thus co… Continue reading CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
A recently patched SonicWall vulnerability tracked as CVE-2024-40766 may have been exploited in ransomware attacks.
The post Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks appeared first on SecurityWeek.
Continue reading Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks
SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.
The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek.
Continue reading Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances. About CVE-2024-40766 CVE-2024-40766 is an… Continue reading SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched CVE-2024-40766, a critical SonicOS vulnerability that can lead to unauthorized access or a firewall crash.
The post SonicWall Patches Critical SonicOS Vulnerability appeared first on SecurityWeek.
Continue reading SonicWall Patches Critical SonicOS Vulnerability
I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security experts in the world. A major theme across all three conferences was the curr… Continue reading Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulnerable systems. About CVE-2024-38856 Apache OFBiz is a… Continue reading Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)