Palo Alto released a security advisory to address an actively exploited vulnerability, tracked as CVE-2024-3393. The vulnerability impacts Palo Alto Networks software (PAN-OS). Successful exploitation of the vulnerability may lead to a Denial of Service (DoS) attack. “Palo Alto Networks is aware of customers experiencing this Denial of Service (DoS) when their firewall blocks malicious … Continue reading “Palo Alto Networks Denial of Service Vulnerability Exploited in the Wild (CVE-2024-3393)”
Tag: Exploited in the Wild
CISA Added Cleo Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-50623 & CVE-2024-55956)
Cybersecurity & Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities Catalog with two vulnerabilities in Cleo Harmony, VLTrader, and LexiCom. Tracked as CVE-2024-50623 & CVE-2024-55956, successful exploitation of the vulnerability may lead to remote code execution. CISA urged users to patch the vulnerabilities before January 3, 2025 (CVE-2024-50623) and January 7, 2025 (CVE-2024-55956). Cleo … Continue reading “CISA Added Cleo Vulnerabilities to its Known Exploited Vulnerabilities Catalog (CVE-2024-50623 & CVE-2024-55956)”
South Korean Attackers Group Exploits WPS Office Vulnerability (CVE-2024-7262)
APT-C-60, a South Korea-aligned cyber espionage group, has been exploiting a zero-day vulnerability in the Windows version of WPS Office. Attackers exploited the vulnerability to install the SpyGlace backdoor on East Asian targets. Tracked as CVE-2024-7262, the vulnerability allows an attacker to perform remote code execution. ESET (Electronic Systems Engineering Technology) researchers have discovered and … Continue reading “South Korean Attackers Group Exploits WPS Office Vulnerability (CVE-2024-7262)”
Acronis Cyber Infrastructure Critical Vulnerability Exploited in the Wild (CVE-2023-45249)
An authentication bypass vulnerability in the Acronis Cyber Infrastructure is being exploited in the wild. Tracked as CVE-2023-45249, this vulnerability has a critical severity rating and a CVSS score of 9.8. Successful exploitation of the vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on vulnerable systems. An attacker may exploit the vulnerability … Continue reading “Acronis Cyber Infrastructure Critical Vulnerability Exploited in the Wild (CVE-2023-45249)”
Check Point Security Gateways Information Disclosure Vulnerability Exploited in the Wild (CVE-2024-24919)
Check Point warned its customers of a vulnerability impacting its Network Security gateway products. The vulnerability, tracked as CVE-2024-24919, is being exploited in the wild. Successful exploitation of the vulnerability may allow an attacker to read specific information on Internet-connected Gateways with remote access VPN or mobile access enabled. CISA acknowledged the active exploitation of … Continue reading “Check Point Security Gateways Information Disclosure Vulnerability Exploited in the Wild (CVE-2024-24919)”
