THREAT HORIZON – RegreSSHion – CVE-2024-6378

Executive Summary: A new security vulnerability has been discovered in OpenSSH’s server (sshd), a common piece of software used on Linux systems for secure communication. This issue is specific to Red Hat Enterprise Linux (RHEL) 9 and does not affect RHEL 8. The vulnerability could potentially allow attackers to crash the server or, in more severe cases, […]

Pro-Russian Hacktivists Preparing Cyber Attack on Western Financial Systems

Several pro-Russian hacktivists have declared that they plan to launch a large-scale cyber attack on the Western financial system within the next 48 hours. The three primary groups, KillNet, REvil and Anonymous Sudan, have formed an alliance to prepare and launch a large cyber attack. The alliance reportedly plans to carry out a distributed denial […]

Critical RCE Fortinet FortiGate Firewalls

Several patches have been released by Fortinet to address a critical security vulnerability in its FortiGate Firewalls and FortiProxy SSL-VPN that would allow a threat actor to achieve remote code execution via a heap-based buffer overflow. The vulnerability, tracked as CVE-2023-27997, is a heap-based buffer overflow vulnerability in SSL VPN devices in FortiOS […]

MOVEit Zero-Day Vulnerability

A critical zero-day vulnerability in secure file transfer software has been declared. The “MOVEit” file transfer application by Progress Software Corporation (Progress) has been assigned a critical CVE: CVE-2023-34362. Qualys has classified the CVSS base score as 10 and the CVSS 3.1 base as 9.8. The critical flaw entails a severe SQL injection vulnerability that has […]

Russian hackers target UK’s critical infrastructure

Russian hackers are actively looking to target Britain’s critical infrastructure, such as energy and water, with the goal to ‘disrupt or destroy’, a Cabinet Office minister has warned. Hacking groups from Russia have focussed their attention on the UK in recent months, Oliver Dowden mentioned in a speech. The National Cyber Security Centre (NCSC) has […]

Microsoft Outlook Elevation of Privilege – CVE-2023-23397

CVE-2023-23397 is an elevation of privilege vulnerability in Microsoft Outlook that was assigned a CVSSv3 score of 9.8, with reports that it is actively being exploited in the wild. The vulnerability can be exploited by sending a malicious email to a vulnerable version of Outlook with an extended MAPI property with a UNC path to […]

Microsoft SPNEGO NEGOEX Vulnerability

Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX (CVE-2022-37958) to a designation of “Critical” (maximum severity for their products): CVSS score 8.1. The CVE had previously been given a designation of “Important”: CVSS score of 7.5, but recent analysis of the patch identified that the vulnerability allowed remote code execution in a similar manner to […]

Microsoft Exchange Zero-Day

Security researchers have warned that a zero-day flaw in Microsoft’s Exchange server is being actively exploited. So far, we know that the Microsoft Exchange zero-day allows for remote code execution and that the attackers are chaining a pair of zero-days to deploy Chinese Chopper web shells on compromised hosts. The first vulnerability, identified as CVE-2022-41040, […]

SonicWall advisory: Patches for SSLVPN SMA1000 Devices

SonicWall SSLVPN SMA1000 series appliances are affected by the multiple vulnerabilities listed below; organisations running previous versions of SSLVPN SMA1000 series firmware should upgrade to new firmware release versions. Affected Products: There is no evidence that these vulnerabilities are being exploited in the wild. Sources: https://thehackernews.com/2022/05/sonicwall-releases-patches-for-new.html

Critical F5 BIG-IP bug

Multiple vulnerabilities have been found in F5’s BIG-IP network software (BIG-IP iControl REST) authentication. Disclosed last week, the bug affects multiple versions of the network management software, which is being tracked as CVE-2022-1388. Patch ASAP! Although CVE-2022-1388 is a proof-of-concept (PoC), there is still a high chance that this vulnerability could expose thousands of users to a remote […]