SolarWinds

SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks

SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks Sep 17, 2024Ravie LakshmananSoftware Security / Data Protection SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability that could result in remote code execution. The vulnerability, tracked as CVE-2024-28991, Read more…

Cloud Appliance Vulnerability

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability Sep 14, 2024Ravie LakshmananEnterprise Security / Threat Intelligence Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS Read more…

ScRansom Ransomware

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. “CosmicBeetle replaced its Read more…

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system’s permissions-based model, which revolves around the Transparency, Consent, and Read more…