Palo Alto Networks has issued a critical severity security advisory for an authentication bypass vulnerability, known as CVE-2024-0012, affecting the PAN-OS management web interface.
CVE-2024-0012 has a CVSSv4 score of 9.3 when access is allowed to the management interface from external IP addresses on the internet. However, if access is restricted to a jump box that is the only system allowed to access the management interface, the CVSSv4 score would be reduced to 5.9.
Read more…
Source: NHS Digital
Related:
- Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA
January 11, 2025
Today FortiGuard Labs is releasing this blog post about a case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). At the time of our investigation, two out of the three identified vulnerabilities were not publicly known. This incident is a prime example of how threat actors chain zero-day ...
- Meet FunkSec: A New, Surprising Ransomware Group, Powered by AI
January 10, 2025
The FunkSec ransomware group emerged in late 2024 and published over 85 victims in December, surpassing every other ransomware group that month. FunkSec operators appear to use AI-assisted malware development, which can enable even inexperienced actors to quickly produce and refine advanced tools. The group’s activities straddle the line between hacktivism and cybercrime, complicating efforts to ...
- Cracking the Code: How Banshee Stealer Targets macOS Users
January 9, 2025
Since September, Check Point Research (CPR) has been monitoring a new version of the Banshee macOS Stealer, a malware that steals browser credentials, cryptocurrency wallets, and other sensitive data. Undetected for over two months, Banshee’s latest version introduced string encryption taken from Apple’s XProtect, likely causing antivirus detection systems to overlook the malware. Threat actors distributed ...
- Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
January 9, 2025
In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments. In this blog entry, Trend Micro researchers discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) ...
- Google Chrome AI extensions deliver info-stealing malware in broad attack
January 9, 2025
Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates. Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the ...
- Active Exploitation of Zero-Day Vulnerability in Ivanti Connect Secure
January 9, 2025
CVE-2025-0282 is a ‘stack-based buffer overflow’ vulnerability with a CVSSv3 score of 9.0. If exploited, a remote unauthenticated attacker could execute arbitrary code (ACE). CVE-2025-0283 is a ‘stack-based buffer overflow’ vulnerability with a CVSSv3 score of 7.0. If exploited, a local authenticated attacker could escalate their privileges. Affected organisations must review the Ivanti Security Advisory and ...