GreyNoise
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)
CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being …
ThreatBlockr integrates with GreyNoise to guard against false positives
ThreatBlockr and GreyNoise announced a partnership that will enhance the ThreatBlockr platform. By leveraging GreyNoise data, ThreatBlockr customers now have automatic access …
Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 …
PoC exploit, IoCs for Fortinet FortiNAC RCE released (CVE-2022-39952)
Horizon3.ai’s Attack Team has released a PoC exploit for CVE-2022-39952, a critical vulnerability affecting FortiNAC, Fortinet’s network access control solution. …
PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)
If your enterprise is running ManageEngine products that were affected by CVE-2022-47966, check now whether they’ve been updated to a non-vulnerable version because …
Attackers never let a critical vulnerability go to waste
GreyNoise Intelligence unveiled its research report that dives deep into the most significant threat detection events of the past 12 months. “When it comes to cybersecurity, …
Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount
Horizon3.ai researchers have released a PoC exploit for CVE-2022-40684, the authentication bypass vulnerability affecting Fortinet‘s firewalls and secure web gateways, …
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)
After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, …
Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password …
Kasada partners with GreyNoise Intelligence to provide potential threats prioritization
By teaming up with Kasada, GreyNoise Intelligence will be able to provide users with an improved understanding of their security environment and more accurate information …
BlueKeep RDP flaw: Nearly a million Internet-facing systems are vulnerable
Two weeks have passed since Microsoft released security fixes and mitigation advice to defang exploits taking advantage of CVE-2019-0708 (aka BlueKeep), a wormable …