Technical Summary CVE-2024-6044 and CVE-2024-6045 Vulnerabilities in D-Link EAGLE PRO AI and AQUILA PRO AI Devices Two critical vulnerabilities, CVE-2024-6044 and CVE-2024-6045, have been identified in the D-Link EAGLE PRO AI and AQUILA PRO AI device families. These vulnerabilities allow for LAN-side arbitrary file reading and elevated unauthenticated access. BadSpace Malware Delivered via Compromised Websites
MoreWeek in Overview(28 May-4 Jun) – 2024 🚨 Vulnerability of the Week Active network exploitation of CVE-2024-24919 has been detected. This vulnerability, which affects Checkpoint Security Gateways solutions with Remote Access VPN (IPSec) or Mobile Access blade capabilities enabled, could allow a remote malicious user to steal sensitive information and gain access to target accounts.
More
Technical Summary Zero-Interaction Local Privilege Escalation in Zscaler Client Connector A critical security issue was discovered in the Zscaler Client Connector, enabling a zero-interaction local privilege escalation. By chaining together several low-level vulnerabilities, attackers could escalate privileges and execute arbitrary commands as the NT AUTHORITY\SYSTEM service account on Windows. The vulnerabilities involved: Exploitation was achieved
MoreTechnical Summary BreachForum, a notorious online platform for trading stolen data, has been seized by the United States Federal Bureau of Investigation (FBI). The forum’s landing page now displays a notice confirming the FBI’s control and shows images of the administrators’ Telegram profile pictures behind bars. This seizure disrupts a key hub for cybercriminals and
More