Tag: Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: ‘Salt Typhoon’ causing damage in North America
Salt Typhoon, a highly sophisticated Chinese hacking group, has breached significant sectors in North America and Southeast Asia. Continue reading this Cybersecurity Threat Advisory to learn more about this notorious group and how to prevent your organization to become the...
Cybersecurity Threat Advisory: New critical vulnerability in Palo Alto Expedition
A vulnerability identified as CVE-2024-5910, has been disclosed by Palo Alto. With a CVSS score of 9.3, this vulnerability can lead to authentication bypass, enabling attackers to manipulate network configurations and launch further attacks. Read this Cybersecurity Threat Advisory for...
Cybersecurity Threat Advisory: Critical Fortinet RCE vulnerability exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a remote code execution (RCE) vulnerability being actively exploited in Fortinet products. If you are using Fortinet, please read this Cybersecurity Threat Advisory to learn how to...
Cybersecurity Threat Advisory: New critical GitLab SAML vulnerability
A new critical GitLab vulnerability within RUBY-SAML and OmniAuth-SAML libraries to bypass SAML authentication was disclosed. If you are using GitLab, read this Cybersecurity Threat Advisory to learn how to mitigate your risk. What is the threat? This vulnerability allows...
Cybersecurity Threat Advisory: Apache Avro SDK vulnerability
A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. A successful exploitation allows an attacker to execute arbitrary code on vulnerable instances....
Cybersecurity Threat Advisory: Exploited cryptojacking campaign impacting Docker
A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk...
Cybersecurity Threat Advisory: Critical RCE vulnerability in ZCS
There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra’s SMTP PostJournal service. Review the details...
Cybersecurity Threat Advisory: Critical GitLab SAML vulnerability
A vulnerability identified as CVE-2024-45409 has been found in GitLab’s Ruby-SAML library. This flaw stems from the improper validation of Security Assertion Markup Language (SAML) responses. Continue reading this Cybersecurity Threat Advisory to secure your environment. What is the threat?...
Cybersecurity Threat Advisory: SolarWinds ARM vulnerabilities
SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE). Review the details within this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: Active exploitation of Ivanti CSA vulnerability
A new vulnerability known as CVE-2024-8190 is affecting Ivanti Cloud Services Appliance (CSA) and is being actively exploited. This OS command injection vulnerability allows a remote, authenticated attacker to execute arbitrary commands on the system. Review the details in this...