Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE). The vulnerability in question, CVE-2024-52875, refers Read more…
Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. “These vulnerabilities affect both the Reyee platform, as well as Read more…
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: Read more…
Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye. The intrusions took place from late June to mid-July 2024, Read more…
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and Read more…
OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. “Attackers successfully exploiting these vulnerabilities can access, control, and disrupt devices Read more…
Russian spies using remote desktop protocol files to phish • The Register Microsoft says a mass phishing campaign by Russia’s foreign intelligence services (SVR) is now in its second week, and the spies are using a novel info-gathering technique. First spotted on October 22, Microsoft said in a report published Read more…
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. “The campaign involves modular infection Read more…
Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers Oct 22, 2024Ravie LakshmananVulnerability / Software Security Details have emerged about a now-patched security flaw in Styra’s Open Policy Agent (OPA) that, if successfully exploited, could have led to leakage of New Technology LAN Manager (NTLM) hashes. “The vulnerability Read more…
Grafana critical vulnerability risks remote code execution Grafana, an open-source data analytics and visualization platform, was found to have a critical vulnerability that could lead to remote code execution. The flaw, tracked as CVE-2024-9264, which has a CVSS v4 score of 9.4, was introduced in Grafana version 11 released in Read more…