eSecurity Planet

SEPTEMBER 18, 2023

This week, the following active exploits of vulnerabilities were announced: Iranian advanced persistent threat (APT) group exploits January 2023 vulnerabilities in Fortinet firewalls and ManageEngine software to perform remote code execution (RCE) on U.S. Read More: The 8 Best Vulnerability Scanner Tools for 2023 What is Patch Management?

Firewall 95

Firewall Security Defenses Risk Cybersecurity 95

eSecurity Planet

AUGUST 28, 2023

We’ve compiled some recently active vulnerabilities — both old and new — for security teams to monitor, mitigate, patch, or even remove from your infrastructure altogether. August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform.

VPN 87

VPN Authentication Mobile Firewall 87

eSecurity Planet

OCTOBER 9, 2023

The sheer number of security issues underscores the need for strong patch and vulnerability management — and for cyber resilience that goes deeper than common preventive measures. The problem: Arm has issued a security alert on CVE-2023-4211 , an actively exploited vulnerability in its Mali GPU drivers.

Architecture 94

Architecture Ransomware Software Accountability 94

eSecurity Planet

AUGUST 14, 2023

Cybersecurity and Infrastructure Security Agency (CISA) recently published an analysis of the top 12 vulnerabilities exploited in 2022. Here’s a roundup of the week’s major vulnerabilities that security teams should mitigate or patch. Adobe also updated their Commerce and Dimension software.

Software 87

Software Malware Internet Internet 87

eSecurity Planet

SEPTEMBER 7, 2023

Much like the rest of technology, merger and acquisition (M&A) activity for cybersecurity companies has been in a slump this year. Startup Runways Dwindle A key factor that will likely drive more dealmaking activity is that CEOs of cybersecurity startups may not have much of a choice. trillion for the middle of 2023.

Cybersecurity 108

Cybersecurity Marketing Software DDOS 108

eSecurity Planet

AUGUST 28, 2023

We’ve compiled some recently active vulnerabilities — both old and new — for security teams to monitor, mitigate, patch, or even remove from your infrastructure altogether. August 21, 2023 Ivanti finds another vulnerability For the third time in a month, Ivanti’s has reported a vulnerability in a mobile device management platform.

VPN 70

VPN Authentication Mobile Firewall 70

The Last Watchdog

NOVEMBER 1, 2023

1, 2023 — AdviserCyber , a cybersecurity service provider for Registered Investment Advisers (RIAs) with $500M to $3B Assets Under Management (AUM) who must comply with the Securities and Exchange Commission (SEC) cybersecurity requirements, announced its formal launch today. Phoenix, Ariz. —

Cybersecurity 100

Cybersecurity Penetration Testing Cyber threats Risk 100

eSecurity Planet

APRIL 29, 2024

An old Microsoft Windows spooler flaw is added to the CISA KEV list, and the Cactus Ransomware gang currently pursues unfixed Qlik Sense servers with a vulnerability patched in September 2023. The problem: Progress Software released patches to fix CVE-2024-2389 in their Flowmon network performance and security software tool.

Firewall 93

Firewall Software Ransomware Penetration Testing 93

eSecurity Planet

SEPTEMBER 13, 2023

Microsoft’s Patch Tuesday for September 2023 includes 59 vulnerabilities, five of them rated critical and two currently being exploited in the wild. The two vulnerabilities currently being exploited are CVE-2023-36761 , an information disclosure flaw in Microsoft Word with a CVSS score of 6.2;

Engineering 105

Engineering Security Defenses Risk Cybersecurity 105

eSecurity Planet

JANUARY 8, 2024

The problem: The US Cybersecurity and Infrastructure Security Agency (CISA) added two vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog. and older of the Perl Spreadsheet::ParseExcel library ( CVE-2023-7101 ) contain a RCE vulnerability exploited by Chinese hackers, as noted on December 24th. Versions 0.65

Encryption 106

Encryption Security Defenses Cybersecurity Internet 106

eSecurity Planet

AUGUST 9, 2023

Microsoft’s Patch Tuesday for August 2023 addresses 74 vulnerabilities, six of them critical. The six critical vulnerabilities discussed in the release note are as follows: CVE-2023-29328 and CVE-2023-29330 , a pair of remote code execution flaws in Microsoft Teams with a CVSS score of 8.8 exe and hvciscan_arm64.exe),

VPN 90

VPN Security Defenses Cybersecurity Engineering 90

eSecurity Planet

AUGUST 10, 2023

Threat intelligence feeds are continually updated streams of data that inform users of different cybersecurity threats, their sources, and any infrastructure impacted or at risk of being impacted by those threats. May have redundant features with other cybersecurity tools in your existing toolset.

Internet 72

Internet Internet Cybersecurity Malware 72

eSecurity Planet

APRIL 15, 2024

Last week’s cybersecurity incidents revealed significant vulnerabilities across multiple platforms. Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security. CVE-2023-6318 permits privilege escalation to get root access.

Firewall 99

Firewall VPN Software Risk 99

eSecurity Planet

FEBRUARY 5, 2024

Critical multi-platform vulnerabilities impacting diverse systems dominated the past week’s cybersecurity headlines. The Known Exploited Vulnerabilities list also added the previously disclosed issues CVE-2023-36846 and CVE-2023-36851 , emphasizing the importance of immediate fix. Both affect J-Web and all Junos OS versions.

Risk 95

Risk Penetration Testing Authentication Software 95

eSecurity Planet

FEBRUARY 2, 2024

Teslas have plenty of vulnerabilities, as cybersecurity researchers have recently discovered. Teslas Get the Spotlight in Recent Ethical Hacking Efforts Researchers have discovered multiple vulnerabilities within Teslas since March 2023. The zero-days reveal just how many items can threaten an organization’s cybersecurity.

Hacking 121

Hacking IoT Firmware Cybersecurity 121

eSecurity Planet

JANUARY 2, 2024

Google announced an update to the desktop stable channel to 120.0.6099.129 on December 20, 2023, which was expected to roll out over the coming days and weeks. The fix: Barracuda deployed a patch on December 22, 2023, to fix the exploited ESG appliances. The fix: Access to fix data is currently limited.

Authentication 90

Authentication Software Engineering Security Defenses 90

eSecurity Planet

FEBRUARY 12, 2024

This code exists in all software that uses Secure Boot, like SUSE, Red Hat, and Debian. The RCE vulnerability is tracked as CVE-2023-40547 and has a severity rating of 8.3. Orca Security published a blog post about the vulnerabilities — its researchers discovered and reported the issues in Fall 2023, and Microsoft quickly patched them.

VPN 104

VPN Authentication Software Firewall 104

eSecurity Planet

JANUARY 29, 2024

The problem: Mandiant revealed possible 2021 exploitation by Chinese espionage attackers for CVE-2023-34048, an out-of-bounds weakness in protocol implementation first publicly reported in October 2023. The fix: Deploy the Apache security upgrades available since November 2023.

Software 88

Software Authentication CSO Accountability 88

eSecurity Planet

JANUARY 22, 2024

CVE-2023-6548 is a remote code execution vulnerability for an authenticated user, and CVE-2023-6549 is a denial-of-service vulnerability. To exploit CVE-2023-6548, an attacker must have access to NSIP, CLIP, or SNIP and also have management interface access. There’s evidence that it’s been exploited in the wild.

Authentication 102

Authentication Malware VPN Mobile 102

eSecurity Planet

MAY 13, 2024

The problem: Cisco Talos researchers published a proof of concept for CVE-2023-49606 and Censys detected over 50,000 potentially vulnerable Tinyproxy hosts. The most significant vulnerability, CVE-2023-47610 rates CVSSv3 9.8 May 5, 2024 Tinyproxy Vulnerability Potentially Exposes 50,000+ Hosts Type of vulnerability: Use after free.

Penetration Testing 67

Penetration Testing IoT Small Business Internet 67

eSecurity Planet

AUGUST 8, 2023

With its Alphabet origins and former Google CEO Eric Schmidt as chairman, SandboxAQ landed a $500 million funding round earlier this year, the biggest cybersecurity round of 2023 thus far, with an A-list of investors that includes Schmidt, Salesforce CEO Marc Benioff, T.

Encryption 83

Encryption Cybersecurity Security Defenses Banking 83

eSecurity Planet

FEBRUARY 19, 2024

The problem: Researchers at cybersecurity company Truesec uncovered data that indicated Akira ransomware might be exploiting an old vulnerability within Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD). The CVEs are CVE-2023-40057 , CVE-2024-23476 , CVE-2024-23477 , CVE-2024-23478 , and CVE-2024-23479.

VPN 98

VPN DNS Ransomware Software 98

eSecurity Planet

JANUARY 16, 2024

The problem: The United States Cybersecurity and Infrastructure Security Agency (CISA) has announced a vulnerability in Microsoft SharePoint that allows a threat actor to escalate their privileges on the network. The vulnerability can be tracked as CVE-2023-29357. Follow this page for updates on patches.

Firewall 97

Firewall Firmware IoT Authentication 97

eSecurity Planet

MARCH 15, 2024

HackerGPT, first launched in 2023, is a ChatGPT-powered tool that merges AI technology with cybersecurity-focused expertise. in February 2024, it serves as an extensive repository of hacking tools and techniques to actively assist users in managing complex cybersecurity protection strategies. Launch of HackerGPT 2.0

Mobile 102

Mobile Hacking Education Cybersecurity 102

eSecurity Planet

MARCH 25, 2024

The first vulnerability appears in Ivanti Standalone Security and is tracked as KB-CVE-2023-41724 , with a CVSS rating of 9.6. The Standalone Security vulnerability affects versions 9.17.0, The second vulnerability appears in Ivanti Neurons for IT Service Management and is tracked as CVE-2023-46808. and 9.19.0,

Computers and Electronics 62

Computers and Electronics Software Accountability Authentication 62

eSecurity Planet

MARCH 19, 2024

The problem: Cisco announced patches for 10 vulnerabilities (one critical, four high, five medium) affecting its IOS XR Software, SD-WAN vMaange, and Secure Client products. The vulnerability, CVE-2023-48788 , earns a critical CVSS score of 9.8

Authentication 102

Authentication VPN Software DDOS 102

eSecurity Planet

MARCH 11, 2024

We’ve seen multiple over the last couple of months, but these are new and not to be confused with CVEs from 2023. The problem: CVE-2023-22527 , a remote code execution vulnerability in outdated versions of Atlassian Confluence Data Center and Confluence Server, is currently being actively exploited. LTS) 8.5.5 (LTS)

Authentication 102

Authentication Software VPN Security Defenses 102

eSecurity Planet

FEBRUARY 16, 2024

government and defense institutions for intelligence gathering. sectors in 2023, which raised concerns about its main goal: a widespread disruption. This could offer substantial difficulties to cybersecurity experts in the coming years. Volt Typhoon struck again on several U.S. critical infrastructure in the case of a major U.S.

Internet 104

Internet Internet Cybersecurity Network Security 104

eSecurity Planet

DECEMBER 19, 2023

As 2023 draws to an end and cybersecurity budgeting is nearly complete, it helps to consider the year’s events and try to predict next year’s trends. After receiving input from industry experts and doing my own analysis of the year’s driving forces, I identified five major cybersecurity trends.

Cybersecurity 139

Cybersecurity CISO Government Technology 139

eSecurity Planet

SEPTEMBER 11, 2023

Network security is another big theme this week: Whether it’s a VPN connection or an enterprise-grade networking platform, patch management solutions typically won’t update network devices, so admins may need to keep an eye on any flaws there too. score of 9.8 out of 10.0, are format string vulnerabilities. 31 and updated Sept.

VPN 109

VPN Firmware Authentication Phishing 109

eSecurity Planet

OCTOBER 6, 2023

Despite all the advances in cybersecurity, email remains the starting point for the vast majority of cyberattacks, as phishing, malware and social engineering remain effective attack techniques. That makes email security software a worthwhile investment for organizations of all sizes. user/month Coro edge: $11.99/user/month

Software 128

Software Phishing Mobile Threat Detection 128

eSecurity Planet

APRIL 12, 2024

12 Data Loss Prevention Best Practices 3 Real Examples of DLP Best Practices in Action How to Implement a Data Loss Prevention Strategy in 5 Steps Bottom Line: Secure Your Operations with Data Loss Prevention Best Practices When Should You Incorporate a DLP Strategy? Proofpoint’s 2024 data loss landscape report reveals 84.7%

Backups 124

Backups Encryption Data breaches Risk 124

eSecurity Planet

JANUARY 11, 2024

Most Compromises Exploit Unmanaged Devices Microsoft’s fourth annual Digital Defense Report for 2023 reveals that 80% of all ransomware compromises come from unmanaged devices and that 60% of those attacks use remote encryption. Naturally, this leads to three important questions: What are unmanaged devices?

Ransomware 112

Ransomware Encryption IoT VPN 112

eSecurity Planet

SEPTEMBER 14, 2023

To check whether the AdminSDHolder container was modified by someone you can check its “ WhenChanged ” attribute by going to the Attribute Editor as shown in the screenshot below: The AdminSDHolder container was created on 3/23/2023 (when the domain controller was deployed) and modified on 5/28/2023, as seen in the screenshot above.

Accountability 97

Accountability Marketing Cybersecurity Security Defenses 97

eSecurity Planet

APRIL 1, 2024

The problem: A SQLi flaw tracked as CVE-2023-48788 permits remote code execution (RCE) with SYSTEM privileges in low complexity attacks that don’t require user interaction. The US Cybersecurity & Infrastructure Security Agency (CISA) added this exploit to their vulnerability catalog indicating active exploitation in the wild.

Authentication 94

Authentication Artificial Intelligence Software Cybersecurity 94

eSecurity Planet

OCTOBER 2, 2023

September 29, 2023 Patch WS_FTP Now: 10 / 10 RCE Vulnerability Revealed Type of attack: Attackers can exploit unpatched vulnerabilities to perform remote code execution (RCE), directory traversal, cross-site scripting (XSS), SQL injection , cross-site request forgery (CSRF), and file enumeration attacks. RCE vulnerability CVE-2023-42117 = 8.1

DDOS 97

DDOS Encryption Software Ransomware 97

eSecurity Planet

OCTOBER 16, 2023

The past week has been an eventful one for cybersecurity vulnerabilities, from record DDoS attacks and three Microsoft zero-days to vulnerabilities in Linux, Apple, Citrix, and other widely used technologies. The fix: The CVEs and associated patches are detailed in October 2023 Patch Tuesday Includes Three Zero-Days Flaws.

DDOS 89

DDOS Software Cybersecurity Manufacturing 89