The Information Highway

The Information Highway

Kemp LoadMaster and VMware vCenter vulnerabilities

Threat-Advisory-Banner3

Threat update

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added critical vulnerabilities in Progress Kemp LoadMaster (CVE-2024-1212) and VMware vCenter Server (CVE-2024-38812, CVE-2024-38813) to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities allow attackers to execute arbitrary commands, gain remote code execution (RCE), and escalate privileges. Continue reading this Cybersecurity Threat Advisory to reduce your risk of exploitation from these vulnerabilities. 

Continue reading
  122 Hits

New malware loader – BabbleLoader

Threat-Advisory-Banner3

Threat update

BabbleLoader is a newly identified malware loader designed for delivering information-stealing payloads such as WhiteSnake and Meduza. It demonstrates sophisticated evasion techniques that challenge both traditional antivirus solutions and modern AI-driven detection systems. Read this Cybersecurity Threat Advisory to learn how to protect against this cutting-edge malware loader. 

Continue reading
  139 Hits

RomCom exploits vulnerabilities

Threat-Advisory-Banner3

Threat update

Recent reports have uncovered that a threat actor known as RomCom has been exploiting two zero-day vulnerabilities, one in Mozilla Firefox and another in Microsoft Windows, to deploy their proprietary backdoor malware. These vulnerabilities, CVE-2024-9680 and CVE-2024-49039, have been actively targeted in attacks across Europe and North America. Continue reading this Cybersecurity Threat Advisory to learn how to defend against RomCom. 

Continue reading
  119 Hits

7-Zip vulnerability

Threat-Advisory-Banner3

Threat update

A security vulnerability in 7-Zip allows remote attackers to bypass defenses and execute malicious code via specially crafted archives. Read this Cybersecurity Threat Advisory to learn how to mitigate your risk from this new threat. 

Continue reading
  105 Hits

Phishing campaign spreading Remcos RAT malware

Threat-Advisory-Banner3

Threat update

A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read below to learn how this could impact your organization.

Continue reading
  227 Hits

Palo Alto PAN-OS RCE vulnerability

Threat-Advisory-Banner3

Threat update

A threat advisory was issued to Palo Alto customers notifying them of a vulnerability in the PAN-OS interface that can lead to remote code execution (RCE).

Continue reading
  197 Hits

Zero-click flaw in Synology NAS devices

Threat-Advisory-Banner3

Threat update

Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices.

Continue reading
  156 Hits

Vulnerabilities found in Microsoft Azure AI

Threat-Advisory-Banner3

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content.

Continue reading
  171 Hits

CRON#TRAP phishing campaign

Threat-Advisory-Banner3

Threat update

A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts. Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign. 

Continue reading
  171 Hits

Vulnerabilities found in Microsoft Azure AI

Threat-Advisory-Banner3

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security measures to implement to protect your organization.

Continue reading
  143 Hits

VMware critical vulnerability

Threat-Advisory-Banner3

Threat update

VMware has recently released software updates to address a security flaw believed to have already been patched in vCenter Server. The vulnerability, known as CVE-2024-38812 with a CVSS score of 9.8, is a heap-overflow vulnerability. Continue reading this Cybersecurity Threat Advisory to mitigate your risk.

Continue reading
  146 Hits

SonicWall VPN vulnerability

Threat-Advisory-Banner3

Threat update

Fog and Akira ransomware operators are exploiting a critical SonicWall SSL VPN vulnerability, CVE-2024-40766, to breach corporate networks.

Continue reading
  131 Hits

Critical Ivanti CSA flaw actively exploited

Threat-Advisory-Banner3

Threat update

Three Ivanti Cloud Service Appliance (CSA) vulnerabilities are being exploited and weaponized in the wild. Read this Cybersecurity Threat Advisory to learn how you can mitigate your risk of being targeted.

Continue reading
  205 Hits

Windows Kernel vulnerability used in espionage campaign

Threat-Advisory-Banner3

Threat update

 Researchers have observed the well-known cyber espionage group OilRig exploiting a now-patched privilege escalation vulnerability (CVE-2024-30088) in the Windows Kernel to conduct espionage operations. Read this Cybersecurity Threat Advisory to learn more about the espionage campaign and how to avoid becoming a victim of the campaign.

Continue reading
  231 Hits

Mozilla Firefox zero-day vulnerability

Threat-Advisory-Banner3

Threat update

A Mozilla Firefox critical zero-day vulnerability, CVE-2024-9680, has emerged. This vulnerability allows an attacker to have unauthorized access and potential remote code execution on the affected OS. Continue reading this Cybersecurity Threat Advisory for recommendations to remediate this threat.

Continue reading
  178 Hits

Apache Avro SDK vulnerability

Threat-Advisory-Banner3

Threat update

A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. A successful exploitation allows an attacker to execute arbitrary code on vulnerable instances. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate your risk.

Continue reading
  196 Hits

Exploited cryptojacking campaign impacting Docker

Threat-Advisory-Banner3

Threat update

 A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk from these vulnerabilities.

Continue reading
  201 Hits

Critical RCE vulnerability in ZCS

Threat-Advisory-Banner3

Threat update

There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra's SMTP PostJournal service. 

Continue reading
  252 Hits

SolarWinds ARM vulnerabilities

Threat-Advisory-Banner3

Threat update

SolarWinds has issued patches to address two vulnerabilities in its Access Rights Manager (ARM) software. Out of the two, one is a critical vulnerability that can lead to remote code execution (RCE).



Continue reading
  363 Hits

Veeam Backup security flaws

Threat-Advisory-Banner3

Threat update

There were recently six vulnerabilities discovered in Veeam Backup and Replication. One of them is an unauthenticated remote code execution (RCE), while the other five include authenticated RCE, arbitrary file deletion, low-privileged multi-factor authentication (MFA) setting modification and MFA bypass, credential sniffing, and privilege escalation. Review the details in this Cybersecurity Threat Advisory to limit customers' impact.

Continue reading
  314 Hits

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023