Security News

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

2024-10-02 11:05

Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say...

#critical #CVE #exploitation #RCE #vulnerability #zimbra #CVE-2024-45519

SCCMSecrets: Open-source SCCM policies exploitation tool

2024-09-30 04:30

SCCMSecrets is an open-source tool that exploits SCCM policies, offering more than just NAA credential extraction. SCCM policies are a key target for attackers in Active Directory environments, as...

#exploitation #opensource

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

2024-09-25 12:38

Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the...

#cybersecurity #exploitation #researcher

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

2024-09-25 06:01

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities...

#cisa #critical #exploitation #ivanti #vulnerability #CVE-2024-7593

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

2024-09-14 04:12

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is...

#cloud #exploitation #ivanti #vulnerability #CVE-2024-8190

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

2024-09-06 15:55

SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as...

#critical #exploitation #firewall #patch #sonicwall #CVE-2024-40766

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports

2024-08-28 06:50

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its...

#apache #cisa #critical #exploitation #report #CVE-2024-38856

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation

2024-08-27 04:45

Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as...

#chrome #CVE #exploitation #google #security #CVE-2024-7965

Critical Progress WhatsUp RCE flaw now under active exploitation

2024-08-07 15:34

Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. [...]

#critical #exploitation #progress #RCE

99% of IoT exploitation attempts rely on previously known CVEs

2024-07-05 04:30

The explosion of Internet of Things devices has brought about a wide range of security and privacy challenges, according to Bitdefender and NETGEAR. The report is based on global telemetry of 3.8 million homes and 50 million IoT devices that generated 9.1 billion security events over the course of 12 months. Vulnerabilities in IoT frameworks, like those found in the ThroughTek Kalay platform, expose millions of users to potential privacy breaches.

#CVE #exploitation #IOT

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News