Advisories

Critical Vulnerability in PHP CGI (CVE-2024-4577)

On June 6th, cybersecurity firm Devcore published an advisory detailing a critical bug in the widely used web framework PHP-CGI. Successful exploitation of this vulnerability allows a remote attacker without credentials to perform remote code execution (RCE) on a targeted machine.

Jun 11, 2024 - 3 Min Read

High Severity Vulnerability in SolarWinds Serv-U (CVE-2024-28995)

On June 5th, SolarWinds disclosed a vulnerability in their file transfer application Serv-U. The vulnerability is being tracked as CVE-2024-28995 and is a directory traversal vulnerability that would allow an attacker to read sensitive files on the target machine.

Jun 7, 2024 - 2 Min Read

Snowflake Data Breach

On May 31st, cybercrime intelligence firm Hudson Rock published a report detailing communications with a threat actor behind recent high-profile, high-impact breaches of Ticketmaster and Santander Bank. In their conversation, the threat actor revealed they were able to compromise Ticketmaster and Santander data due to an initial breach they executed against cloud data services company Snowflake.

May 31, 2024 - 2 Min Read

Critical Vulnerability in Check Point Quantum (CVE-2024-24919)

On May 27th, the Check Point Research Division reported a vulnerability in certain Check Point Quantum Security Gateway devices. The vulnerability is being tracked as CVE-2024-24919, which provides a remote attacker the ability to access protected information on an affected device without credentials.

May 29, 2024 - 2 Min Read

Critical Vulnerability In Veeam Service Provider Console (VSPC) (CVE-2024-29212)

On May 7th, Veeam Software reported a critical vulnerability they found during internal testing of their Veeam Service Provider Console (VSPC) product. The vulnerability allows a remote attacker with low-level access credentials to carry out arbitrary remote code execution (RCE) on a victim machine.

May 9, 2024 - 2 Min Read

Sophisticated Attacks Against Cisco ASA and FTD software Leveraging Multiple Vulnerabilities (CVE-2024-20353, CVE-2024-20358, and CVE-2024-20359)

On April 24th, Cisco reported on an attack campaign against certain Cisco devices running Cisco Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) Software. The report detailed three vulnerabilities: CVE-2024-20353, CVE-2024-20358, and CVE-2024-20359. 

Apr 25, 2024 - 5 Min Read

Critical Command Injection Vulnerability In Palo Alto Network Global Protect (CVE-2024-3400)

On April 12, 2024, Palo Alto Networks disclosed a critical command injection vulnerability identified as CVE-2024-3400, impacting certain configurations of its PAN-OS software. This vulnerability allows unauthenticated attackers to execute arbitrary commands with root privileges.

Apr 13, 2024 - 3 Min Read

JetBrains TeamCity Critical Vulnerability (CVE-2024-27198 and CVE-2024-27199)

On March 4th, 2024, software development company JetBrains disclosed two critical vulnerabilities (CVE-2024-27198 and CVE-2024-27199) in their Continuous Integration / Continuous Delivery (CI/CD) product, TeamCity.

Mar 8, 2024 - 1 Min Read

Severe ConnectWise ScreenConnect Vulnerability (CVE-2024-1709 & CVE-2024-1708)

On February 19th, 2024, ConnectWise published a security bulletin reporting two impactful vulnerabilities in their product ConnectWise. One of these vulnerabilities is particularly severe, with a critical rating of 10.0 on the CVSS scale, indicating the highest level of risk when successfully exploited.

Feb 20, 2024 - 2 Min Read

Microsoft Outlook Critical Vulnerability Under Active Exploitation (CVE-2024-21410)

On February 13th, 2024, Microsoft addressed several vulnerabilities as part of its monthly Patch Tuesday. One of those vulnerabilities was in Microsoft Exchange Server and was reported as critical because the attack vector is 1) remote, 2) unauthenticated, and 3) low complexity.

Feb 14, 2024 - 2 Min Read