Exploitation

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers – Go Health Pro

by
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers – Go Health Pro

Nov 27, 2024Ravie LakshmananVulnerability / Software Security A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023 , was not officially made available until … Read more

New Active 0-day Exploitation, AI That Sees Your Open Apps, The RebootAI Project – Go Health Pro

by
New Active 0-day Exploitation, AI That Sees Your Open Apps, The RebootAI Project – Go Health Pro

SECURITY | AI | PURPOSEUNSUPERVISED LEARNING is a newsletter about upgrading to thrive in a world full of AI. It’s original ideas, analysis, mental models, frameworks, and tooling to prepare you for the world that’s coming. TOC Had a great conversation with Rob Allen from ThreatLocker about their Zero Trust approach: deny-by-default, dynamic ACLs, and … Read more

PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released – Go Health Pro

by
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released – Go Health Pro

Nov 16, 2024Ravie LakshmananVulnerability / Network Security Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild. To that end, the company said it observed malicious activity originating from … Read more

Ivanti Warns of Energetic Exploitation of Newly Patched Cloud Equipment Vulnerability – Go Well being Professional

by
Ivanti Warns of Energetic Exploitation of Newly Patched Cloud Equipment Vulnerability – Go Well being Professional

Sep 14, 2024Ravie LakshmananEnterprise Safety / Risk Intelligence Ivanti has revealed {that a} newly patched safety flaw in its Cloud Service Equipment (CSA) has come underneath lively exploitation within the wild. The high-severity vulnerability in query is CVE-2024-8190 (CVSS rating: 7.2), which permits distant code execution underneath sure circumstances. “An OS command injection vulnerability in … Read more

x