Please turn on your JavaScript for this page to function normally.
Veeam
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)

CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and …

email
Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

The maintainers of the Exim mail transfer agent (MTA) have fixed a critical vulnerability (CVE-2024-39929) that currently affects around 1.5 million public-facing servers and …

Progress MOVEit
Progress quietly fixes MOVEit auth bypass flaws (CVE-2024-5805, CVE-2024-5806)

Progress Software has patched one critical (CVE-2024-5805) and one high-risk (CVE-2024-5806) vulnerability in MOVEit, its widely used managed file transfer (MFT) software …

Progress
PoC for Progress Telerik RCE chain released (CVE-2024-4358, CVE-2024-1800)

Security researchers have published a proof-of-concept (PoC) exploit that chains together two vulnerabilities (CVE-2024-4358, CVE-2024-1800) to achieve unauthenticated remote …

CrushFTP
CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The …

Juniper Networks
Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591)

Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About …

New infosec products of the week
New infosec products of the week: December 15, 2023

Here’s a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps. Nemesis: Open-source …

HNS
Censys unveils two new product tiers to help researchers enhance their threat hunting work

Censys announced two new product tiers of its search tool, Censys Search Solo and Censys Search Teams. These additions are part of a series of strategic initiatives to enhance …

HNS
Censys Internet Map helps organizations identify, understand and mitigate threats

Censys announced the Censys Internet Map. As the data foundation that powers the Censys Internet Intelligence Platform, the Censys Internet Map provides users with the most …

matrix
NOS chooses Censys to monitor its attack surface

Censys has unveiled that NOS chose Censys to monitor its attack surface. Censys’ technology provides NOS with complete visibility into its external-facing …

Progress MOVEit
Cl0p announces rules for extortion negotiation after MOVEit hack

The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 …

Zyxel
Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

Don't miss

Cybersecurity news