Vulnerability ManagementImmediate weaponization of PoC exploits detailedSC StaffJuly 15, 2024Attacks leveraging proof-of-concept exploits have been launched as early as 22 minutes following their public disclosure.
Network SecurityQuick remediation of Netgear router vulnerabilities urgedSC StaffJuly 15, 2024First of the addressed vulnerabilities is a stored cross-site scripting bug in Netgear's XR1000 Nighthawk gaming router, tracked as PSV-2023-0122.
Email securityOver 1.5M Exim servers impacted by critical security bypassing bugSC StaffJuly 15, 2024The U.S., Russia, and Canada accounted for most of the vulnerable Exim servers, which are on versions 4.97.1 or earlier, according to a report from Censys.
BreachAutobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More… – SWN #397July 12, 2024Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News.
Vulnerability ManagementNovel CRYSTALRAY attacks significantly expandSC StaffJuly 12, 2024Attacks by CRYSTALRAY involved the utilization of several open-source software tools, including the Sliver post-exploitation toolkit.
Vulnerability ManagementGitLab patches 2nd critical pipeline vulnerability in last monthLaura FrenchJuly 11, 2024CVE-2024-6385, like another bug patched last month, could allow attackers to run pipelines as any user.
Network SecurityInternet Explorer still used as a malware vehicle by threat actorsShaun NicholsJuly 11, 2024Microsoft’s notorious Internet Explorer has been brought out of retirement by threat actors using its security holes to serve malware.
Network SecurityPHP bug executes RCEs, cryptominers and DDoS attacksSteve ZurierJuly 11, 2024Akamai researchers say its honeypots found numerous attempts to exploit recently disclosed vulnerability.