Tag: CVE

Junos OS Vulnerabilities Exploit Detection: Hackers Leverage CVE-2023-36844 RCE Bug Chain Abusing Juniper Devices After PoC Release
Junos OS Vulnerabilities Exploit Detection: Hackers Leverage CVE-2023-36844 RCE Bug Chain Abusing Juniper Devices After PoC Release

Adversaries weaponize four newly discovered RCE security flaws in the J-Web component of Junos OS tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-3684. The identified vulnerabilities can be chained together, enabling attackers to execute arbitrary code on the compromised instances. After the disclosure of a PoC exploit for chaining the Juniper JunOS flaws, cyber defenders are […]

Read More
SOC Prime on Discord: Join a Single Community for All Cyber Defenders to Benefit from Shared Expertise
SOC Prime on Discord: Join a Single Community for All Cyber Defenders to Benefit from Shared Expertise

In February 2023, SOC Prime launched its Discord server community connecting aspiring cybersecurity enthusiasts and seasoned experts in a single place. The community serves as the world’s largest open-source hub for Threat Hunters, CTI and SOC Analysts, and Detection Engineers — anyone having a genuine passion for cybersecurity. Currently, our Discord server hosts over 1,500 […]

Read More
CVE-2023-3519 Detection: RCE Zero-Day in Citrix NetScaler ADC and NetScaler Gateway Exploited in the Wild
CVE-2023-3519 Detection: RCE Zero-Day in Citrix NetScaler ADC and NetScaler Gateway Exploited in the Wild

Heads up! Cybersecurity experts notify defenders of a zero-day flaw compromising Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Appliances. The flaw tracked as CVE-2023-3519 can lead to RCE and is observed to be actively leveraged by adversaries in the wild with the PoC exploit released to GitHub. Detect CVE-2023-3519 Exploitation Attempts The growing […]

Read More
Detect CVE-2023-35078 Exploitation: Critical Authentication Bypass Zero-Day in Ivanti Endpoint Manager Mobile (EPMM)
Detect CVE-2023-35078 Exploitation: Critical Authentication Bypass Zero-Day in Ivanti Endpoint Manager Mobile (EPMM)

Cybersecurity heads up! After a series of security holes in Pulse Connect Secure SSL VPN appliance affected multiple organizations back in 2021, a new critical zero-day has been recently revealed in Ivanti products. The novel security issue impacting Ivanti Endpoint Manager Mobile (EPMM) enables remote unauthenticated API access to specific paths. By exploiting the flaw, […]

Read More
Microsoft Outlook Vulnerability CVE-2023-23397 Detection
Microsoft Outlook Vulnerability CVE-2023-23397 Detection

CVE-2023-23397 is a critical elevation of privilege (EoP) vulnerability in Microsoft Outlook with a CVSS base score of 9.8. It was first disclosed on March 14, 2023, and attributed to APT28, also known as Fancy Bear or Strontium – a threat actor associated with the Russian General Staff Main Intelligence Directorate (GRU). The vulnerability is […]

Read More
CVE-2020-35730, CVE-2021-44026, CVE-2020-12641 Exploit Detection: APT28 Group Abuses Roundcube Flaws In Spearphishing Espionage Attacks
CVE-2020-35730, CVE-2021-44026, CVE-2020-12641 Exploit Detection: APT28 Group Abuses Roundcube Flaws In Spearphishing Espionage Attacks

With the ongoing russian cyber offensive operations targeting Ukraine and its allies, the aggressor is continuously launching cyber-espionage campaigns against state bodies and other organizations representing critical infrastructure. Less than a week after CERT-UA researchers warned of a spike in cyber-espionage attacks by russia-linked Shuckworm group, another nefarious hacking group comes back to the scene.  […]

Read More
CVE-2023-34362 Detection: Critical MOVEit Transfer Zero-Day Flaw Actively Exploited By Threat Actors to Steal Data from Organizations
CVE-2023-34362 Detection: Critical MOVEit Transfer Zero-Day Flaw Actively Exploited By Threat Actors to Steal Data from Organizations

Hot on the heels of the maximum severity flaw in GitLab software known as CVE-2023-2825, another critical vulnerability comes to the scene, creating a significant buzz in the cyber threat landscape. At the turn of June 2023, Progress Software uncovered a critical vulnerability in MOVEit Transfer that can lead to privilege escalation and instantly issued […]

Read More
CVE-2023-2825 Exploit Detection: GitLab Urges Users to Promptly Patch a Maximum Severity Flaw
CVE-2023-2825 Exploit Detection: GitLab Urges Users to Promptly Patch a Maximum Severity Flaw

GitLab has recently issued its latest critical security update v. 16.0.1, addressing a path traverse vulnerability tracked as CVE-2023-2825 with a CVSS score reaching the maximum limit of 10.0. The update affects installations running version 16.0.0., with earlier software versions being not impacted. The successful exploitation of a highly critical security bug enables unauthenticated adversaries […]

Read More
CVE-2023-27524 Detection: New Vulnerability Exposes Thousands of Apache Superset Servers to RCE Attacks
CVE-2023-27524 Detection: New Vulnerability Exposes Thousands of Apache Superset Servers to RCE Attacks

The popular open-source data visualization and data exploration tool, Apache Superset, is claimed to be vulnerable to authentication bypass and remote code execution (RCE), enabling threat actors to gain administrator access to the targeted servers and further collect user credentials and compromise data. The discovered bug is an insecure default configuration flaw tracked as CVE-2023-27524, […]

Read More
CVE-2023-27350 Exploit Detection: Critical PaperCut RCE Vulnerability Added to the CISA’s Known Exploited Vulnerabilities Catalog
CVE-2023-27350 Exploit Detection: Critical PaperCut RCE Vulnerability Added to the CISA’s Known Exploited Vulnerabilities Catalog

PaperCut has recently reported that the company’s application servers are vulnerable to a critical RCE flaw known as CVE-2023-27350, with a CVSS of 9.8. As a response to a growing number of exploitation attempts, CISA added the discovered bug to its Known Exploited Vulnerabilities (KEV) catalog.  Detect CVE-2023-27350 Exploitation Attempts Proactive detection of vulnerability exploitation […]

Read More