Chinese Hackers Exploit Serious Flaw in Versa SD-WAN Systems

A Chinese cyber-espionage group, known as Volt Typhoon, has been exploiting a newly discovered security flaw in Versa Networks’ SD-WAN Director servers. This zero-day vulnerability, identified as CVE-2024-39717, has already been used to infiltrate several organizations. Given the seriousness…

Hackers exploit Roundcube webmail flaw to steal email, credentials

bleepingcomputer.com - 21/Oct 21:14

Threat actors have been exploiting a vulnerability in the Roundcube Webmail client to target government organizations in the Commonwealth of...

Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766

securityaffairs.co - 29/Oct 11:51

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators...

FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024

securityaffairs.co - 24/Oct 11:08

The “FortiJump” flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant. A...

Apache Lucene fixes CVE-2024-43383

thecyberthrone.in - 02/Nov 04:02

Apache Lucene.NET, an open-source search library has been discovered having a security flaw that could allow attackers to remotely execute malicious...

Unknown threat actors exploit Roundcube Webmail flaw in phishing campaign

securityaffairs.co - 21/Oct 06:28

Hackers exploited a now-patched Roundcube flaw in a phishing attack to steal user credentials from the open-source webmail software. Researchers from...

Hackers Use Fog Ransomware To Attack SonicWall VPNs And Breach Corporate Networks

itsecuritynews.info - 29/Oct 13:36

Recent cyberattacks involving Akira and Fog threat actors have targeted various industries, exploiting a vulnerability (CVE-2024-40766) in SonicWall...

Google fixes CVE-2024-10487 and CVE-2024-10488 in latest Chrome version

thecyberthrone.in - 30/Oct 08:20

Google has released updates to address two vulnerabilities in the Chrome browser that could potentially allow attackers to take control of...

What’s behind unchecked CVE proliferation, and what to do about it

itsecuritynews.info - 01/Nov 14:13

The volume of Common Vulnerabilities and Exposures (CVEs) has reached staggering levels, placing immense pressure on organizations’ cyber defenses....

PoC Exploit released for Microsoft flaw CVE-2024-43532

thecyberthrone.in - 23/Oct 14:21

Researcher from Akamai has released a proof-of-concept (PoC) exploit code for a critical Elevation of Privilege vulnerability, that’s tracked as...

Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation

itsecuritynews.info - 30/Oct 18:09

Fortinet has updated their security advisory addressing a critical FortiManager vulnerability (CVE-2024-47575) to include additional workarounds and...

Rubriques :