Summary: A proof-of-concept exploit has been released for a critical Veeam Recovery Orchestrator authentication bypass vulnerability, increasing the risk of exploitation in attacks.

Threat Actor: Sina Kheirkhah

Victim: Veeam Recovery Orchestrator

Key Point:

A proof-of-concept exploit has been developed by security researcher Sina Kheirkhah for the CVE-2024-29855 vulnerability in Veeam Recovery Orchestrator.…

Summary: Google has released patches for 50 security vulnerabilities.

Threat Actor: None

Victim: None

Key Point:

Google has released patches for 50 security vulnerabilities, including two zero-day flaws that were exploited by forensics companies against users with apps like Wasted and Sentry. The vulnerabilities were fixed on Pixels with the June update (Android 14 QPR3) and will be fixed on other Android devices when they eventually update to Android 15.…

Devcore announced a critical remote code execution (RCE) vulnerability in PHP, designated CVE-2024-4577. This flaw affects all PHP versions from 5.x onward running on Windows servers, making it a significant concern due to PHP’s widespread use. This vulnerability stems from mishandling character encoding conversions, particularly affecting systems using certain code pages for languages like Chinese or Japanese.…


AhnLab SEcurity intelligence Center (ASEC) has identified the details of the Kimsuky threat group recently exploiting a vulnerability (CVE-2017-11882) in the equation editor included in MS Office (EQNEDT32.EXE) to distribute a keylogger. The threat actor distributed the keylogger by exploiting the vulnerability to launch, via the mshta process, a page with an embedded malicious script.…


Check Point Research reported a Foxit PDF Reader vulnerability that threat actors have begun exploiting, putting the application’s users at risk. When exploited, the bug triggers security warnings that may deceive unsuspecting users into executing harmful commands.

The WhoisXML API research team, seeking to shed more light on the issue by uncovering further potential attack vectors, expanded a public list of indicators of compromise (IoCs).…


Summary: Fortinet has addressed multiple vulnerabilities in its FortiOS and other products, including stack-based buffer overflow flaws that can be exploited by an authenticated attacker to achieve code or command execution.

Threat Actor: Fortinet

Victim: Users of Fortinet products

Key Point:

Fortinet has addressed multiple vulnerabilities in its FortiOS and other products, including stack-based buffer overflow flaws that can be exploited by an authenticated attacker to achieve code or command execution.…

Threat Actor: Unknown

Victim: Israeli Government

Price: Free

Exfiltrated Data Type: Personal information (names, phone numbers, plates, date of birth, address)

Additional Information:

The threat actor uploaded an alleged database of www.gov.il to a dark web forum. The leaked data is from a website used by Israeli citizens for government affairs and bureaucratic tasks.…

Summary: This content discusses Apple security updates and provides information about recent releases and vulnerabilities.

Threat Actor: None

Victim: None

Key Point:

Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases and vulnerabilities are listed on the Apple security releases page.…

Summary: This content discusses a vulnerability in Rockwell Automation controllers that could compromise the availability of the device.

Threat Actor: N/A

Victim: Rockwell Automation

Key Point:

The vulnerability, known as Always-Incorrect Control Flow Implementation, affects several Rockwell Automation controllers including ControlLogix, GuardLogix, and CompactLogix. Exploiting this vulnerability could result in a major nonrecoverable fault (MNRF/Assert) and compromise the availability of the device.…

Summary: A Chinese espionage campaign targeting Fortinet edge devices has resulted in the compromise of at least 20,000 systems worldwide, including governments, international organizations, and defense industry companies.

Threat Actor: Chinese spies

Victim: Dutch defense networks, Western governments, international organizations, defense industry companies

Key Point:

A Chinese espionage campaign targeted Fortinet edge devices and exploited a zero-day vulnerability to deploy the Coathanger remote access Trojan (RAT) on Dutch defense networks.…

Threat Actor: Unknown

Victim: Italian Internet Service Provider

Price: Not specified

Exfiltrated Data Type: Critical data from 20 different databases

Additional Information:

The threat actor claims to be selling unauthorized access to the database of a major Italian Internet Service Provider through an SQL Injection vulnerability.…

Summary: This article discusses the discovery of 24 vulnerabilities in a biometric access system manufactured by a Chinese company, highlighting the potential security risks associated with biometrics.

Threat Actor: N/A

Victim: N/A

Key Point:

A biometric access system manufactured by a Chinese company was found to have 24 vulnerabilities, raising concerns about the security of biometric authentication.…