Weekly Threat Landscape Digest – Week 47
In today’s fast-evolving cybersecurity environment, organizations must stay ahead of emerging risks and vulnerabilities. From sophisticated zero-day exploits to novel […]
Zscaler Capabilities and Its Use in Threat Detection and Response
Background The emergence of cloud-based services has changed how businesses approach network security in the always changing field of cybersecurity. […]
Latrodectus: A New Malware Emerges in Phishing Campaigns
Key Points Latrodectus, an evolution of the IcedID loader, was discovered in malicious email campaigns since November 2023. Researchers at […]
Critical Vulnerabilities Affecting FortiOS, FortiProxy, and FortiClientEMS
Background Five Fortinet advisories that address vulnerabilities in a variety of products, such as FortiOS and FortiProxy SSLVPN, FortiWLM MEA […]
Critical Fixes for March 2024 Patch Tuesday
Background Microsoft has issued Patch Tuesday for March 2024, fixing 61 security flaws. Two vulnerabilities are categorized as critical in […]
ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)
ConnectWise released a major advisory on February 19, 2024, addressing two extremely serious vulnerabilities affecting ScreenConnect versions 23.9.7 and earlier: […]
CVE-2024-22245: VMware Requests EAP Uninstall ASAP
This week, VMware published a security advisory addressing two vulnerabilities detected in the VMware Enhanced Authentication Plug-in (EAP): one recorded […]
CVE-2024-21413: Critical MonikerLink Vulnerability in Outlook
An intriguing vulnerability in how Outlook handles particular hyperlinks has been found, and threat actors have been known to use […]
Alert Advisory: Customer Advice Regarding the AnyDesk Incident
Remote Desktop Software AnyDesk recently faced a cyberattack. On February 1st, 2024, AnyDesk revealed that a cyber attack had allowed […]
CVE-2024-21893: New Ivanti Zero-Day Vulnerability Actively Exploited
Employees, partners, and clients may access business data and apps securely and under control with the help of Ivanti Connect […]
CVE-2024-21591: Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Junos OS simplifies and fine-tunes network operations, increasing operational efficiency and vital time and resources for top-line growth. Many of […]
JinxLoader Loader Used to Spread Formbook and XLoader
Based on the Go programming language, JinxLoader is a recently found malware loader that fraud-related actors are now using to […]
CVE-2024-20272: Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability
Cisco recently resolved a significant security vulnerability in the Unity Connection. Unity Connection is a fully virtualized messaging and voicemail […]
CVE-2023-39336: SQL Injection Vulnerability in Ivanti Endpoint Manager
Ivanti Endpoint Manager is an all-in-one endpoint management solution. It provides a unified solution for managing user profiles and all […]
CVE-2023-7028: A Critical Vulnerability Affecting GitLab
GitLab is a web-based DevOps lifecycle solution developed by GitLab Inc. that provides unparalleled visibility and productivity throughout the whole […]
CVE-2023-50164: Apache Struts Path Traversal Vulnerability
Threat actors began attempting to exploit CVE-2023-50164, a critical-severity remote code execution (RCE) vulnerability affecting Apache Struts, an open-source framework […]
Enterprise Applications are at Risk from Serious Atlassian Vulnerabilities
Threat actors have historically targeted Atlassian vulnerabilities in products affected by the four vulnerabilities described below to achieve goals such […]
A New KV-Botnet Is Using Stealthy Attacks to Target Cisco, DrayTek, and Fortinet Devices
Since at least 2022, a highly capable botnet known as the “KV-botnet” has been associated with the Chinese state-sponsored APT […]
CVE-2023-36553: Command Injection Vulnerability in FortiSIEM
Fortinet, a major cybersecurity company, recently published an advisory regarding a critical vulnerability affecting its FortiSIEM Report Server. Background: The […]
DarkCasino: A New Emerging APT Threat Exploiting a WinRAR Flaw
NSFOCUS researchers examined the DarkCasino attack pattern, which exploited the WinRAR zero-day vulnerability identified as CVE-2023-38831. The financially motivated APT […]
Critical Vulnerability Patched in SAP Business One Product
SAP, a well-known commercial software provider, has disclosed three new vulnerabilities in its Security Patch Day release for November 2023. […]
Exploitation of Apache ActiveMQ Vulnerability CVE-2023-46604
Rapid7 Managed Detection and Response (MDR) found potential exploitation of Apache ActiveMQ CVE-2023-46604 in two distinct customer scenarios on Friday, […]
CVE-2023-4966 (Citrix Bleed) Active Exploitation
Citrix published a security bulletin on October 10, 2023, regarding a vulnerability (CVE-2023-4966) that affects the NetScaler ADC and NetScaler […]