Weekly Threat Landscape Digest – Week 49
This week’s cybersecurity digest delves into critical vulnerabilities and emerging threat actor activities, underscoring the urgent need for proactive security […]
Weekly Threat Landscape Digest – Week 48
This week’s cybersecurity digest highlights multiple critical vulnerabilities and threat actor activities, emphasizing the importance of proactive mitigation strategies. Vulnerabilities […]
Critical Remote Code Execution Vulnerability in Palo Alto Networks PAN
On November 8, 2024, Palo Alto Networks issued a security advisory concerning a potential remote code execution (RCE) vulnerability affecting […]
Detecting and Mitigating Lateral Movement
Background Lateral movement refers to a post-exploitation activity in which a threat actor attempts to penetrate adjacent devices. After acquiring […]
CVE-2024-9487: Critical Vulnerability Affecting GitHub Enterprise Server
Background The most recent GitHub Enterprise Server (GHES) security update fixes three recently found vulnerabilities, one of which is a […]
Critical vulnerabilities in Palo Alto Expedition
Background To facilitate the process of transferring configurations from different vendors to Palo Alto Networks’ PAN-OS, Expedition is an enhanced […]
October 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s October 2024 Patch Tuesday updates are now available. They provide essential safety enhancements that IT professionals should apply. […]
HookChain: A New Approach to Bypassing EDR Solutions
Background Cybersecurity risks in today’s quickly changing digital environment are getting more complex and challenging to identify. As organizations strengthen […]
Critical RCE Vulnerabilities affecting Aruba Access Points
Background The parent company of Aruba Networks, Hewlett Packard Enterprise (HPE), issued a security bulletin on September 24, 2024, addressing […]
CVE-2024-38812: VMware vCenter Server RCE Vulnerability
Background Two critical vulnerabilities in VMware’s vCenter Server platform were recently patched by Broadcom, with the more severe of the […]
Cicada – A new ransomware targeting VMware ESXi systems
Background A recent ransomware-as-a-service (RaaS) campaign has swiftly targeted organizations across the globe by pretending to be the authentic Cicada […]
CVE-2024-6800: A critical authentication bypass vulnerability affects the GitHub Enterprise Server
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
CVE-2024-40766: Critical SonicWall Firewall Vulnerability
Background SonicWall has released a patch to address a severe vulnerability discovered in certain SonicOS-based firewall devices. The vulnerability, CVE-2024-40766 […]
CISA Warning: SolarWinds’ RCE Vulnerability Being Exploited
Background Concerns have been raised by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the potential exploitation of a […]
August 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft’s August 2024 Patch Tuesday release includes security patches for 85 vulnerabilities. These are six actively exploited zero-day vulnerabilities […]
CVE-2024-41110: Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Background Docker released an advisory on July 23, 2024, addressing a vulnerability in the authorization plugins (AuthZ) used to control […]
Recent CrowdStrike Outage and It Being Abused
Background On 19th July 2024, Friday, a critical disruption was unintentionally caused across several infrastructures and organizations by a regular […]
July 2024 – Microsoft Patch Tuesday Highlights
Background Microsoft has released the July 2024 Patch Tuesday updates to improve and reinforce its products’ security against a variety […]
Eldorado: A New Ransomware Targeting ESXi VMs
Background Researchers have noticed a consistent rise in ransomware attacks against VMware ESXi infrastructure and other virtualized systems in recent […]
regreSSHion: RCE Vulnerability in OpenSSH Server (CVE-2024-6387)
The Secure Shell (SSH) protocol, which is essential for secure communication over unprotected networks, is the foundation of the OpenSSH […]
Polyfill Supply Chain Attack
Popular JavaScript library and service Polyfill.io allows outdated browsers that do not support browser APIs or newer JavaScript capabilities to […]
Tellyouthepass Ransomware and The Active Exploitation of CVE-2024-4577
PHP is mostly used as a programming language for creating dynamic websites and online applications. It operates on the server […]
June 2024 – Microsoft Patch Tuesday Highlights
In order to strengthen Microsoft products against a range of security threats, Microsoft has issued the June 2024 Patch Tuesday […]
The Linux Variant of TargetCompany Ransomware targets ESXi Environments
The TargetCompany ransomware was discovered in June 2021. Trend Micro tracks it under the name “Water Gatpanapun,” and it has […]