Week in Overview(19 Mar-26 Mar) – 2024 Technical Summary 1.Pwn2Own Vancouver 2024: Pwn2Own Vancouver 2024 showcased the skills of cybersecurity researchers in identifying critical vulnerabilities across various platforms. Notable exploits included escalations of privileges on Windows 11, exploits of VMware Workstation and Oracle VirtualBox, and successful remote code execution on web browsers like Mozilla Firefox,
More
Week in Overview(12 Mar-19 Mar) – 2024 Technical Summary 🚨 Vulnerability of the Week A critical vulnerability, identified as CVE-2024-23112, has been discovered in FortiOS and FortiProxy, exposing a significant security flaw that could lead to unauthorized access to user bookmarks. Tracked under Common Weakness Enumeration (CWE-639), this vulnerability allows authenticated malicious users to bypass
More
Week in Overview(5 Mar-12 Mar) – 2024 Technical Summary 4. Critical Security Alert: CVE-2024-1403 in Progress OpenEdge: CVE-2024-1403, a critical vulnerability in Progress OpenEdge, allows unauthorized users to obtain admin permissions and potentially execute remote code. While no path to Remote Code Execution (RCE) has been discovered, the exploit poses significant risks. 5. Urgent Security
More
Week in Overview(27 Feb-5 Mar) – 2024 Technical Summary 4. Critical Vulnerability in Linksys E2000 Router (CVE-2024-27497): 5. Vulnerabilities in JetBrains TeamCity CI/CD Server: 6. New #PlanetStealer Malware Threat: 🚨 Vulnerability of the Week In February 2024, Rapid7’s vulnerability research team discovered two critical vulnerabilities affecting JetBrains TeamCity CI/CD server. These vulnerabilities, identified as CVE-2024-27198
More