Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012

We detail the observed limited activity regarding authentication bypass vulnerability CVE-2024-0012 affecting specific versions of PAN-OS software, and include protections and mitigations. The post Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 appeared first on Unit 42. This article…

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

itsecuritynews.info - 18/Nov 15:32

Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been...

GitLab fixes High severity vulnerability CVE-2024-9693

thecyberthrone.in - 14/Nov 13:51

GitLab has released patches to address a high-severity vulnerability that could grant unauthorized access to Kubernetes clusters. The most serious...

Veeam Fixes CVE-2024-40715 with a hotfix release

thecyberthrone.in - 07/Nov 13:58

Veeam has released a patch for a vulnerability impacting Veeam Backup Enterprise Manager. that is vulnerable to Man-in-the-Middle (MITM)...

Security plugin flaw in millions of WordPress sites gives admin access

bleepingcomputer.com - 17/Nov 15:19

A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple...

CISA adds PTZOptics flaws to its KEV Catalog

thecyberthrone.in - 05/Nov 07:32

The US CISA has added PTZOptics flaws to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation. CVE-2024-8956 ...

Frag Ransomware Dissection

thecyberthrone.in - 11/Nov 16:16

A new ransomware strain named Frag ransomware has been discovered during the series of cyberattacks involving exploiting a vulnerability in Veeam...

Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)

itsecuritynews.info - 07/Nov 09:36

Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) affecting its Ultra-Reliable Wireless Backhaul (URWB) Access Points that...

Android flaw CVE-2024-43093 may be under limited, targeted exploitation

securityaffairs.co - 05/Nov 08:51

Google warned that a vulnerability, tracked as CVE-2024-43093, in the Android OS is actively exploited in the wild. Threat actors are actively...

Cisco Fixes Critical CVE-2024-20418 Vulnerability in Industrial Wireless Access Points

itsecuritynews.info - 09/Nov 15:02

Cisco recently disclosed a critical security vulnerability, tracked as CVE-2024-20418, that affects specific Ultra-Reliable Wireless Backhaul...

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)

itsecuritynews.info - 14/Nov 10:06

CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least...

Rubriques :