Weekly Threat Landscape Digest – Week 47
In today’s fast-evolving cybersecurity environment, organizations must stay ahead of emerging risks and vulnerabilities. From sophisticated zero-day exploits to novel […]
Weekly Threat Landscape Digest – Week 46
As cybersecurity threats and challenges continually adapt, organizations must remain vigilant against emerging threats and vulnerabilities. This week’s digest highlights […]
Microsoft November 2024 Patch Tuesday- Critical Updates and Key Vulnerabilities
Introduction Microsoft’s November 2024 Patch Tuesday addresses 87 vulnerabilities across its software suite, including critical zero-day vulnerabilities actively exploited in […]
Critical Remote Code Execution Vulnerability in Palo Alto Networks PAN
On November 8, 2024, Palo Alto Networks issued a security advisory concerning a potential remote code execution (RCE) vulnerability affecting […]
Detecting and Mitigating Lateral Movement
Background Lateral movement refers to a post-exploitation activity in which a threat actor attempts to penetrate adjacent devices. After acquiring […]
Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited
Background Three recently identified zero-day vulnerabilities in Ivanti’s Cloud Service Appliance (CSA) are being actively exploited, the company has notified […]
CVE-2024-9487: Critical Vulnerability Affecting GitHub Enterprise Server
Background The most recent GitHub Enterprise Server (GHES) security update fixes three recently found vulnerabilities, one of which is a […]
Critical vulnerabilities in Palo Alto Expedition
Background To facilitate the process of transferring configurations from different vendors to Palo Alto Networks’ PAN-OS, Expedition is an enhanced […]
October 2024 – Microsoft patch tuesday highlights
Background Microsoft’s October 2024 Patch Tuesday updates are now available. They provide essential safety enhancements that IT professionals should apply. […]
HookChain: A New Approach to Bypassing EDR Solutions
Background Cybersecurity risks in today’s quickly changing digital environment are getting more complex and challenging to identify. As organizations strengthen […]
Critical RCE Vulnerabilites affecting Aruba Access Points
Background The parent company of Aruba Networks, Hewlett Packard Enterprise (HPE), issued a security bulletin on September 24, 2024, addressing […]
CVE-2024-38812: VMware vCenter Server RCE Vulnerability
Background Two critical vulnerabilities in VMware’s vCenter Server platform were recently patched by Broadcom, with the more severe of the […]
September 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s September 2024 Patch Tuesday rollout includes security patches for 79 vulnerabilities. Among these are four zero-days that are […]
Cicada – A new ransomware targeting VMware ESXi systems
Background A recent ransomware-as-a-service (RaaS) campaign has swiftly targeted organizations across the globe by pretending to be the authentic Cicada […]
New Malware Masquerades as Palo Alto VPN Targeting Middle East Organizations
Background Threat actors target Middle Eastern enterprises using malware masquerading as the genuine Palo Alto GlobalProtect Tool, which can steal […]
CISA Warning: CVE-2024-38856 Apache OFBiz RCE Vulnerability under active exploitation
Background A pre-authentication vulnerability in Apache OFBiz can result in remote code execution. With a CVSS score of 9.8, the […]
CVE-2024-6800: A critical authentication bypass vulnerability affects the GitHub Enterprise Server
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
CVE-2024-40766: Critical SonicWall Firewall Vulnerability
Background SonicWall has released a patch to address a severe vulnerability discovered in certain SonicOS-based firewall devices. The vulnerability, CVE-2024-40766 […]
CISA Warning: SolarWinds’ RCE Vulnerability Being Exploited
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
August 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s August 2024 Patch Tuesday release includes security patches for 85 vulnerabilities. These are six actively exploited zero-day vulnerabilities […]
CVE-2024-37085: VMware ESXi Hypervisor Vulnerability Exploited by Ransomware Groups
Background On Monday, July 29, Microsoft issued a comprehensive threat intelligence blog detailing the observed exploitation of CVE-2024-37085, an Active […]
Active exploitation of the ServiceNow RCE
Background ServiceNow provides a platform for corporate transformation. ServiceNow can be used for various purposes, including HR and employee administration, […]
CVE-2024-41110: Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Background Docker released an advisory on July 23, 2024, addressing a vulnerability in the authorization plugins (AuthZ) used to control […]
Recent CrowdStrike Outage and It Being Abused
Background On 19th July 2024, Friday, a critical disruption was unintentionally caused across several infrastructures and organizations by a regular […]