News • Insights • Analysis
The Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024, which exploited CVE-2024-21412 through the use of fake software installers. During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects Read More …
The electric vehicle (EV) sector, though nascent and in its formative years, faces numerous challenges. Recent concerns, such as “range anxiety” (a vehicle battery’s charge and ability to complete a planned journey) among consumers and incidents of vehicles losing power Read More …
On January 10, 2024, Ivanti published a security advisory regarding two vulnerabilities in Ivanti Connect Secure VPN. These vulnerabilities, which were exploited in the wild, are identified as CVE-2023-46805 and CVE-2023-21887. The exploitation of these vulnerabilities was quickly adopted by Read More …
JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTP(S) access to a TeamCity on-premises server to bypass authentication checks and gain administrative Read More …
VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally Read More …
Mandiant and Ivanti’s investigations into widespread Ivanti zero-day exploitation have continued across a variety of industry verticals, including the U.S. defense industrial base sector. Following the initial publication on Jan. 10, 2024, Mandiant observed mass attempts to exploit these vulnerabilities Read More …
Apple Shortcuts could be used to steal sensitive data from Apple devices due to a high-severity vulnerability. Shortcuts is an app created by Apple that allows users to create customized task workflows on Apple devices and automate processes using a Read More …
In previous blogs, watchTowr researchers discussed some of the big players in the enterprise software space, but there is one that they have not mentioned before, that is – quite frankly – the heavy-weight champion of the world in terms Read More …
SonicWall Capture Labs Threat Research Team became aware of the ClamAV VirusEvent command injection vulnerability (CVE-2024-20328), assessed its impact, and developed mitigation measures for the vulnerability. ClamAV is a notable, open-source anti-virus engine, widely recognized for its comprehensive suite of Read More …
On January 25, 2024, SSD Secure Disclosure posted a disclosure titled Zyxel VPN Series Pre-auth Remote Command Execution. The writeup describes an unauthenticated remote command injection vulnerability affecting Zyxel VPN firewalls. That caught VulnCheck researchers attention. The Zyxel VPN series Read More …
