Tag: CVE

CVE-2024-24576 Detection: Hackers Exploit a Maximum Severity “BatBadBut” Rust Vulnerability to Target Windows Users
CVE-2024-24576 Detection: Hackers Exploit a Maximum Severity “BatBadBut” Rust Vulnerability to Target Windows Users

A new maximum severity vulnerability has been discovered in the Rust standard library. This vulnerability poses a serious threat to Windows users by enabling potential command injection attacks. The flaw tracked as CVE-2024-24576 specifically affects situations where batch files on Windows are executed with untrusted arguments. With the PoC code already publicly released, successful exploitation […]

Read More
CVE-2024-3094 Analysis: Multi-layer Supply Chain Attack Using XZ Utils Backdoor Impacts Major Linux Distributions
CVE-2024-3094 Analysis: Multi-layer Supply Chain Attack Using XZ Utils Backdoor Impacts Major Linux Distributions

Cybersecurity experts remain vigilant amidst an ongoing supply chain attack that has cast a shadow over the most widely-used Linux distributions. With its scale and sophistication reminiscent of infamous incidents like Log4j and SolarWinds, this new threat emanates from a backdoored XZ Utils (formerly LZMA Utils)—an essential data compression utility found in virtually all major […]

Read More
CVE-2023-42931 Detection: Critical macOS Vulnerability Enabling Easy Privilege Escalation and Root Access
CVE-2023-42931 Detection: Critical macOS Vulnerability Enabling Easy Privilege Escalation and Root Access

Security researchers warn of a critical privilege escalation vulnerability in multiple macOS versions that enables unauthorized users, including those with guest rights, to gain full root access to the affected instance. Detect CVE-2023-42931 Exploitation Attempts With an exponential rise in attack volumes and sophistication, the threat landscape of 2024 is assumed to be even more […]

Read More
CVE-2024-21378 Detection: Vulnerability in Microsoft Outlook Leads to Authenticated Remote Code Execution
CVE-2024-21378 Detection: Vulnerability in Microsoft Outlook Leads to Authenticated Remote Code Execution

Hot on the heels of nasty JetBrains TeamCity vulnerabilities (CVE-2024-27198, CVE-2024-2719), security experts reveal a new RCE affecting Microsoft Outlook. Authenticated adversaries might leverage the security issue to execute malicious code on the impacted instance, achieving extensive control over it. Although the vulnerability was patched by Microsoft in February 2024, the vendor classifies it as […]

Read More
TODDLERSHARK Malware Detection: Hackers Weaponize CVE-2024-1708 and CVE-2024-1709 Vulnerabilities to Deploy a New BABYSHARK Variant
TODDLERSHARK Malware Detection: Hackers Weaponize CVE-2024-1708 and CVE-2024-1709 Vulnerabilities to Deploy a New BABYSHARK Variant

A new malware iteration dubbed TODDLERSHARK comes into the spotlight in the cyber threat arena, which bears a striking similarity with BABYSHARK or ReconShark malicious strains leveraged by the North Korean APT group known as Kimsuky APT. The infection chain is triggered by weaponizing a couple of critical ConnectWise ScreenConnect vulnerabilities tracked as CVE-2024-1708 and […]

Read More
CVE-2024-27198 and CVE-2024-27199 Detection: Critical Vulnerabilities in JetBrains TeamCity Pose Escalating Risks with Exploits Underway
CVE-2024-27198 and CVE-2024-27199 Detection: Critical Vulnerabilities in JetBrains TeamCity Pose Escalating Risks with Exploits Underway

A couple of months after the massive exploitation of CVE-2023-42793, novel critical vulnerabilities in JetBrains TeamCity came into the spotlight, exposing affected users to the risks of the complete compromise of the impacted systems. Tracked as CVE-2024-27198 and CVE-2024-27199, the discovered security flaws can give unauthenticated attackers the green light to gain administrative control of […]

Read More
CVE-2024-23204 Detection: Exploitation of a Recently Patched Vulnerability in Apple Shortcuts App Can Lead to User Data Theft
CVE-2024-23204 Detection: Exploitation of a Recently Patched Vulnerability in Apple Shortcuts App Can Lead to User Data Theft

Apple has patched a notorious security gap affecting its Shortcuts app. The high-severity flaw enables adversaries to collect sensitive info without user consent. The uncovered zero-click Shortcuts vulnerability tracked as CVE-2024-23204 poses risks to user privacy, enabling threat actors to access sensitive data on the compromised device without the user’s permission. Detect CVE-2024-23204 Exploits With […]

Read More
CVE-2023-50358 Detection: A New Zero-Day Vulnerability in QNAP QTS and QuTS Hero Firmware
CVE-2023-50358 Detection: A New Zero-Day Vulnerability in QNAP QTS and QuTS Hero Firmware

Close on the heels of a critical Jenkins RCE vulnerability, another security flaw that can pose a severe threat to global organizations emerges in the cyber threatscape. A new zero-day vulnerability in QNAP QTS and QuTS hero operating systems tracked as CVE-2023-50358 has been currently in the spotlight. The uncovered command injection vulnerability impacts QNAP […]

Read More
CVE-2024-23897 Detection: A Critical Jenkins RCE Vulnerability Poses Growing Risks with PoC Exploits Released
CVE-2024-23897 Detection: A Critical Jenkins RCE Vulnerability Poses Growing Risks with PoC Exploits Released

Hot on the heels of the critical CVE-2024-0204 vulnerability disclosure in Fortra’s GoAnywhere MFT software, another critical flaw arrests the attention of cyber defenders. Recently, Jenkins developers have addressed nine security bugs affecting the open-source automation server, including a critical vulnerability tracked as CVE-2024-23897 that can lead to RCE upon its successful exploitation. With PoCs […]

Read More
CVE-2024-0204 Detection: Critical Vulnerability in Fortra GoAnywhere MFT Resulting in Authentication Bypass
CVE-2024-0204 Detection: Critical Vulnerability in Fortra GoAnywhere MFT Resulting in Authentication Bypass

Another day, another critical vulnerability on the radar. This time, it’s a critical authentication bypass (CVE-2024-0204) affecting Fortra’s GoAnywhere MFT software, which is largely used by enterprises globally for secure file transfer purposes. Hot on the heels of the nefarious flaw in Atlassian’s Confluence Server and Data Center, CVE-2024-0204 might be promptly added to the […]

Read More