Category: Reports

Threat Intel Roundup: Outlook, QNAP, Okta

Threat Intel Roundup: Outlook, QNAP, Okta

Week in Overview(5 Mar-12 Mar) – 2024 Technical Summary 4. Critical Security Alert: CVE-2024-1403 in Progress OpenEdge: CVE-2024-1403, a critical vulnerability in Progress OpenEdge, allows unauthorized users to obtain admin permissions and potentially execute remote code. While no path to Remote Code Execution (RCE) has been discovered, the exploit poses significant risks. 5. Urgent Security

More
Threat Intel Roundup: Windows Defender, Lazarus, JetBrains, PlanetStealer

Threat Intel Roundup: Windows Defender, Lazarus, JetBrains, PlanetStealer

Week in Overview(27 Feb-5 Mar) – 2024 Technical Summary 4. Critical Vulnerability in Linksys E2000 Router (CVE-2024-27497): 5. Vulnerabilities in JetBrains TeamCity CI/CD Server: 6. New #PlanetStealer Malware Threat: 🚨 Vulnerability of the Week In February 2024, Rapid7’s vulnerability research team discovered two critical vulnerabilities affecting JetBrains TeamCity CI/CD server. These vulnerabilities, identified as CVE-2024-27198

More
Threat Intel Roundup: Phar, SEO Poisoning, ScreenConnect, Lockbit

Threat Intel Roundup: Phar, SEO Poisoning, ScreenConnect, Lockbit

Week in Overview(20 Feb-27 Feb) – 2024 Technical Summary 1.ScreenConnect Vulnerabilities (CVE-2024-1709, CVE-2024-1708) for Malware Delivery: ConnectWise ScreenConnect, a remote desktop solution, was affected by two critical vulnerabilities (CVE-2024-1709, CVE-2024-1708) in its server component. CVE-2024-1709 enabled authentication bypass, allowing attackers to create admin accounts, while CVE-2024-1708 facilitated remote code execution through path traversal. Exploitation of

More
Threat Intel Roundup: Outlook, SmartScreen, Lockbit

Threat Intel Roundup: Outlook, SmartScreen, Lockbit

Week in Overview(13 Feb-20 Feb) – 2024 Technical Summary 4. Security Advisory Summary Report for CVE-2024-21412: 5. CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC: Week in Overview(13 Feb-20 eb) – 20 🚨 Vulnerability of the Week The vulnerability, termed the #MonikerLink bug, is assigned CVE-2024-21413 with a CVSS score of 9.8. It allows

More