article thumbnail

Blister malware using code signing certificates to evade anti malware detection

CyberSecurity Insiders

As some hackers have developed a malware that uses code signing certificates to avoid detection by security defenses and has the tendency to download payloads onto a compromised system.

Malware 124
article thumbnail

VulnRecap 2/12/24: Ivanti, JetBrains, Fortinet, Linux Issues

eSecurity Planet

February 5, 2024 JetBrains TeamCity Saga Continues with Another Server Vulnerability Type of vulnerability: Authentication bypass by an unauthenticated attacker. Both vulnerabilities affected authenticated users of Apache Oozie and Apache Ambari. The fix: Fortinet told users to disable SSL VPN. Connect Secure 9.1R17.3

VPN 102
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

eSecurity Planet

Unpatched devices can give attackers privileged access to networks, particularly those set up as VPN virtual servers, ICA proxies, RDP proxies, or AAA servers. Consider adopting network security measures like intrusion detection and prevention systems (IDPS) to identify and prevent harmful traffic from reaching your RocketMQ server.

VPN 95
article thumbnail

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

Threats range from severe weaknesses in Ivanti’s VPN appliances to zero-day exploits in popular software such as Palo Alto Networks’ PAN-OS and Telegram’s Windows client. Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security.

article thumbnail

VulnRecap 3/11/24 – JetBrains & Atlassian Issues Persist

eSecurity Planet

And all IT and security teams should follow vulnerability news for vendor bulletins and updates. March 4, 2024 JetBrains Server Issues Continue with New Vulnerabilities Type of vulnerability: Authentication bypass. Whichever user’s privileges the attacker has exploited could then be used to create a remote access VPN session.

article thumbnail

VulnRecap 1/22/24 – Watch Chrome, Ivanti, Citrix Issues

eSecurity Planet

The vulnerability also exists on GitHub Enterprise Server, but it can only be exploited by an authenticated user with an organization owner role. The authenticated user must also be logged into an account on an instance of GHES. Affected keys included some encryption keys and the GitHub commit signing key. EPMM versions 11.10, 11.9

article thumbnail

Vulnerability Recap 3/19/24 – Microsoft, Fortinet & More

eSecurity Planet

March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE). The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website.