10 min
Patch Tuesday
Patch Tuesday - September 2024
4 zero-days. Servicing Stack Win 10 1507 rollback; MotW LNK stomping bypass; Windows Installer EoP; Publisher macro bypass. SharePoint & Windows NAT critical RCEs.
2 min
Emergent Threat Response
CVE-2024-40766: Critical Improper Access Control Vulnerability Affecting SonicWall Devices
CVE-2024-40766 is a critical improper access control vulnerability affecting SonicOS, the operating system that runs on the company’s physical and virtual firewalls. As of September 9, 2024, Rapid7 is aware of several recent incidents in which SonicWall SSLVPN accounts were targeted or compromised.
3 min
Emergent Threat Response
Multiple Vulnerabilities in Veeam Backup & Replication
On September 4, 2024, Veeam released their September security bulletin disclosing various vulnerabilities, including CVE-2024-40711, a critical unauthenticated remote code execution issue affecting Veeam’s popular Backup & Replication solution.
16 min
Vulnerability Disclosure
CVE-2024-45195: Apache OFBiz Unauthenticated Remote Code Execution (Fixed)
Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution (CVE-2024-45195) on Linux and Windows. Exploitation is facilitated by bypassing previous patches.
15 min
Patch Tuesday
Patch Tuesday - August 2024
Heavy-hitting edition of PT with 10 zero-days. Windows Downdate downgrade attack, Windows WinSock EoP, Windows kernel EoP, MotW bypass, and several others.
4 min
Emergent Threat Response
VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns
On July 29, Microsoft published threat intelligence on observed exploitation of CVE-2024-37085, an authentication bypass vulnerability in Broadcom VMware ESXi hypervisors that has been used in multiple ransomware campaigns.
6 min
Vulnerability Disclosure
CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery
Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF).
11 min
Vulnerability Management
Patch Tuesday - July 2024
Microsoft has published 139 vulnerabilities this July 2024 Patch Tuesday, two of which had already been seen exploited in the wild.
4 min
Emergent Threat Response
Authentication Bypasses in MOVEit Transfer and MOVEit Gateway
On June 25, 2024, Progress Software published information on two new vulnerabilities in MOVEit Transfer and MOVEit Gateway: CVE-2024-5806 and CVE-2024-5805.
7 min
Patch Tuesday
Patch Tuesday - June 2024
MSMQ RCE again. Office malicious file RCEs. SharePoint RCE. DNSSEC NSEC3 DoS.
2 min
Emergent Threat Response
CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U
On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.
2 min
Vulnerability Management
The Dreaded Network Pivot: An Attack Intelligence Story
The spiritual successor to our annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response and threat intelligence teams.
4 min
Emergent Threat Response
CVE-2024-24919: Check Point Security Gateway Information Disclosure
On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.
8 min
Patch Tuesday
Patch Tuesday - May 2024
Zero-days in DWM, MSHTML, and Visual Studio. SharePoint critical post-auth RCE. Remote access fixes. Mobile broadband USB bus.
3 min
Emergent Threat Response
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise
CVE-2024-4040 is an unauthenticated zero-day vulnerability in managed file transfer software CrushFTP. Successful exploitation allows for arbitrary file read as root, authentication bypass for administrator account access, and remote code execution.