Report

Threat Intel Roundup: PwnOverWifi, GravityRAT, BadSpace, iconv

Technical Summary CVE-2024-6044 and CVE-2024-6045 Vulnerabilities in D-Link EAGLE PRO AI and AQUILA PRO AI Devices Two critical vulnerabilities, CVE-2024-6044 and CVE-2024-6045, have been identified in the D-Link EAGLE PRO AI and AQUILA PRO AI device families. These vulnerabilities allow for LAN-side arbitrary file reading and elevated unauthenticated access. BadSpace Malware Delivered via Compromised Websites

More

Threat Intel Roundup: Apple, PHP, APT36, Veeam

Technical Summary Apple Intelligence introduces advanced AI capabilities across the Apple ecosystem, enhancing user experiences through improved functionalities in Siri, Photos, Mail, Maps, and other applications. Siri benefits from better voice recognition and contextual understanding, while the Photos app offers sophisticated image recognition and curation features. The Mail app sees improvements in spam filtering and

More

Threat Intel Roundup: Snowflake, Telerik, CheckPoint, Cox

Week in Overview(28 May-4 Jun) – 2024 🚨 Vulnerability of the Week Active network exploitation of CVE-2024-24919 has been detected. This vulnerability, which affects Checkpoint Security Gateways solutions with Remote Access VPN (IPSec) or Mobile Access blade capabilities enabled, could allow a remote malicious user to steal sensitive information and gain access to target accounts.

More
Threat Intel Roundup: glibc, Anatsa, iconv, NahamCon

Threat Intel Roundup: glibc, Anatsa, iconv, NahamCon

Technical Summary Zero-Interaction Local Privilege Escalation in Zscaler Client Connector A critical security issue was discovered in the Zscaler Client Connector, enabling a zero-interaction local privilege escalation. By chaining together several low-level vulnerabilities, attackers could escalate privileges and execute arbitrary commands as the NT AUTHORITY\SYSTEM service account on Windows. The vulnerabilities involved: Exploitation was achieved

More