Author: admin

Threat Intel Roundup: FortiCVE, SSL-VPN, Trap, DarkGate

Week in Overview (12 Mar-19 Mar) – 2024
Technical Summary
🚨 Vulnerability of the Week
A critical vulnerability, identified as CVE-2024-23112, has been discovered in FortiOS and FortiProxy, exposing a significant security flaw that could lead to unauthorized access to user bookmarks. Tracked under Common Weakness Enumeration (CWE-639), this vulnerability allows authenticated malicious users to bypass

Threat Intel Roundup: Outlook, QNAP, Okta

Week in Overview (5 Mar-12 Mar) – 2024
Technical Summary
4. Critical Security Alert: CVE-2024-1403 in Progress OpenEdge: CVE-2024-1403, a critical vulnerability in Progress OpenEdge, allows unauthorized users to obtain admin permissions and potentially execute remote code. While no path to Remote Code Execution (RCE) has been discovered, the exploit poses significant risks.
5. Urgent Security

Threat Intel Roundup: Windows Defender, Lazarus, JetBrains, PlanetStealer

Week in Overview (27 Feb-5 Mar) – 2024
Technical Summary
4. Critical Vulnerability in Linksys E2000 Router (CVE-2024-27497):
5. Vulnerabilities in JetBrains TeamCity CI/CD Server:
6. New #PlanetStealer Malware Threat:
🚨 Vulnerability of the Week
In February 2024, Rapid7’s vulnerability research team discovered two critical vulnerabilities affecting JetBrains TeamCity CI/CD server. These vulnerabilities, identified as CVE-2024-27198

Threat Intel Roundup: Phar, SEO Poisoning, ScreenConnect, Lockbit

Week in Overview (20 Feb-27 Feb) – 2024
Technical Summary
1. ScreenConnect Vulnerabilities (CVE-2024-1709, CVE-2024-1708) for Malware Delivery: ConnectWise ScreenConnect, a remote desktop solution, was affected by two critical vulnerabilities (CVE-2024-1709, CVE-2024-1708) in its server component. CVE-2024-1709 enabled authentication bypass, allowing attackers to create admin accounts, while CVE-2024-1708 facilitated remote code execution through path traversal. Exploitation of
