Malware & Threats Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet. Ionut ArghireNovember 18, 2024
Vulnerabilities Palo Alto Networks Releases IoCs for New Firewall Zero-Day Palo Alto Networks has released IoCs for the attacks exploiting a newly uncovered firewall zero-day vulnerability. Eduard KovacsNovember 18, 2024
Vulnerabilities CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog. Eduard KovacsNovember 15, 2024
Vulnerabilities Palo Alto Networks Confirms New Firewall Zero-Day Exploitation Palo Alto Networks has confirmed that a zero-day is being exploited in attacks after investigating claims of a firewall remote code execution flaw. Eduard KovacsNovember 15, 2024
Vulnerabilities Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions The exploit for a new zero-day vulnerability in Windows is executed by deleting files, drag-and-dropping them, or right clicking on them. Ionut ArghireNovember 14, 2024
Vulnerabilities Unpatched Flaw in Legacy D-Link NAS Devices Exploited Days After Disclosure Exploitation attempts targeting CVE-2024-10914, a recently disclosed ‘won’t fix’ vulnerability affecting outdated D-Link NAS devices. Eduard KovacsNovember 14, 2024
Vulnerabilities Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands Veeam has released a hotfix for a high-severity authentication bypass vulnerability in Backup Enterprise Manager. Ionut ArghireNovember 11, 2024
Vulnerabilities Palo Alto Networks Expedition Vulnerability Exploited in Attacks, CISA Warns CISA has added a Palo Alto Networks Expedition flaw tracked as CVE-2024-5910 to its Known Exploited Vulnerabilities Catalog. Eduard KovacsNovember 8, 2024
Mobile & Wireless Google Patches Two Android Vulnerabilities Exploited in Targeted Attacks Google warns of the limited, targeted exploitation of two vulnerabilities resolved with the latest Android security update. Ionut ArghireNovember 5, 2024
Malware & Threats CyberPanel Vulnerabilities Exploited in Ransomware Attacks Shortly After Disclosure CyberPanel vulnerabilities have been exploited to compromise thousands of instances as part of ransomware attacks. Eduard KovacsOctober 31, 2024
Vulnerabilities New Fortinet Zero-Day Exploited for Months Before Patch A Fortinet zero-day tracked as CVE-2024-47575 and named FortiJump has been exploited since at least June 2024. Eduard KovacsOctober 24, 2024
Network Security Cisco Patches Vulnerability Exploited in Large-Scale Brute-Force Campaign Cisco has released patches for multiple vulnerabilities in ASA, FMC, and FTD products, including an exploited flaw. Ionut ArghireOctober 24, 2024