Tag: PATCH

Moxa Warns of Critical Authorization Vulnerability in EDS-508A Series Ethernet Switches
Summary: Moxa has issued a security advisory for CVE-2024-12297, a critical vulnerability (CVSS 9.2) in its EDS-508A Series Ethernet switches that affects firmware version 3.11 and earlier. This vulnerability allows attackers to bypass authentication, potentially gaining unauthorized access to sensitive configurations or disrupting operations. Moxa has provided a security patch and recommended mitigations to protect affected devices.…
Read More
Summary: Security researcher MrAle_98 has disclosed a proof-of-concept exploit for a zero-day vulnerability, CVE-2024-49138, affecting the Windows Common Log File System (CLFS) Driver. This elevation of privilege flaw, with a CVSS score of 7.8, allows attackers to gain SYSTEM privileges on affected devices. Microsoft confirmed that the vulnerability was actively exploited before a patch was released, emphasizing the urgency for users to update their systems.…
Read More
HPE Investigating Breach Claims After Hacker Offers to Sell Data
Summary: HPE is investigating claims made by hacker IntelBroker regarding the sale of allegedly stolen data from its systems. The compromised information includes source code, private repositories, and some personal information. HPE has activated its cyber response protocols and asserts that there is no operational impact or evidence of customer data being involved.…
Read More
The Lynx ransomware, identified as a successor to the INC ransomware family, has been actively targeting various industries in the US and UK since July 2024. Operating under a ransomware-as-a-service model, Lynx employs tactics such as phishing, service termination, and double extortion. The ransomware uses robust encryption methods and has shown a significant overlap with its predecessor, INC.…
Read More
A series of critical vulnerabilities have been reported across various platforms, including Aviatrix Controller and Microsoft 365 applications, leading to significant security risks such as unauthorized access and data breaches. Additionally, a new phishing tactic targeting Apple iMessage users and a malicious PyPi package aimed at Discord developers have emerged, highlighting the evolving threat landscape.…
Read More
10 Most Historic Cyber Attacks That Changed the Internet World
This article discusses the evolution of cyber warfare through historical cyberattacks, emphasizing the importance of cybersecurity in the digital age. It highlights ten significant cyber incidents that have shaped our understanding of digital security, the lessons learned, and the ongoing threats organizations face today. Affected: organizations, government, healthcare, energy, transportation, technology sector

Keypoints :

Cyberattacks are malicious attempts to steal, damage, or disrupt computer systems and data.…
Read More
If you think you blocked NTLMv1 in your org, think again
Silverfort has uncovered a significant misconfiguration in Active Directory Group Policy that allows NTLMv1 authentications to persist despite attempts to disable it. This flaw poses a security risk for organizations using on-prem applications, as attackers can exploit this vulnerability to gain unauthorized access. Affected: Active Directory, NTLMv1

Keypoints :

Silverfort’s research reveals a misconfiguration in Group Policy that allows NTLMv1 authentications to continue.…
Read More
Private Keys in the Fortigate Leak – Hanno’s blog
Summary: Recently, a leak of configuration files for Fortigate/Fortinet devices revealed sensitive data, including TLS and SSH private keys, due to a known vulnerability (CVE-2022-40684). Despite previous warnings from Fortinet about active exploitation, many users failed to change their default passwords, leaving their systems vulnerable. The incident highlights ongoing issues with security practices and the effectiveness of security advisories.…
Read More
Weekly IT Vulnerability Report: Critical Updates for SAP, Microsoft, Fortinet, and Others
Key vulnerabilities in major platforms such as SAP, Microsoft, and Fortinet have been identified, necessitating immediate attention due to active exploitation by threat actors. The vulnerabilities include privilege escalation, unauthorized access, and critical flaws in widely used applications. Affected: SAP, Microsoft, Fortinet

Keypoints :

Cyble Research and Intelligence Labs (CRIL) analyzed vulnerabilities disclosed between January 8 and 14, 2025.…
Read More
Summary: Veeam has revealed a critical Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2025-23082, in its Backup for Microsoft Azure product. This high-severity flaw, with a CVSS score of 7.2, could allow attackers to send unauthorized requests, potentially leading to network enumeration and further malicious activities.…
Read More
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Summary: Austrian privacy non-profit None of Your Business (noyb) has filed complaints against several companies, including TikTok and Xiaomi, for allegedly violating EU data protection laws by transferring user data to China. The organization seeks an immediate halt to these data transfers, citing concerns over Chinese government access to personal information.…
Read More
CISA warns of exploited Fortinet bugs as Microsoft issues its biggest Patch Tuesday in years
Summary: A zero-day vulnerability in FortiGate firewalls is actively being exploited by hackers, prompting urgent action from the federal government and cybersecurity firms. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies patch this vulnerability by January 21, highlighting its critical nature. Additionally, concerns have been raised about an older vulnerability that has recently led to the leak of configurations for thousands of FortiGate devices.…
Read More
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
Summary: A critical vulnerability in the W3 Total Cache plugin, used by over a million WordPress sites, could allow attackers to access sensitive information and perform unauthorized actions. Despite a patch being released, many sites remain unprotected, leaving them open to exploitation. The flaw, tracked as CVE-2024-12365, poses significant risks including Server-Side Request Forgery (SSRF) and information disclosure.…
Read More
Evading Endpoint Detection and Response EDR
Endpoint Detection and Response (EDR) solutions are crucial for modern cybersecurity, enabling quick threat detection and response through extensive telemetry. However, attackers utilize various evasion techniques to bypass these systems, exploiting vulnerabilities in EDR architecture and Windows core files. This guide provides insights into EDR monitoring, evasion methods, and defensive strategies.…
Read More
15K Fortigate Firewall Configs Leaked By Belsen Group: Dumped Using Zero-Day in 2022
A recent leak of over 15,000 Fortigate firewall configurations has raised concerns about the security of devices vulnerable to CVE-2024-55591 and CVE-2022-40684. The threat actor known as “Belsen_Group” is believed to have exploited these vulnerabilities and subsequently leaked the configurations in January 2025. Organizations are urged to check their exposure and take necessary mitigation steps.…
Read More
Strategic Approaches to Threat Detection, Investigation & Response
Summary: The digital era presents both opportunities and challenges, with sophisticated cyber threats like ransomware and phishing campaigns posing significant risks to organizations. Threat Detection, Investigation, and Response (TDIR) has emerged as a vital strategy in modern cybersecurity, integrating advanced technologies and skilled professionals to enhance threat management.…
Read More