Security

Pierluigi Paganini July 05, 2024
Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus

Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that remote, unauthenticated attackers can exploit to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves exploiting two custom classes to upload and load […]

Pierluigi Paganini July 04, 2024
Brazil data protection authority bans Meta from training AI models with data originating in the country

Brazil’s data protection authority temporarily banned Meta from using data originating in the country to train its artificial intelligence. Brazil’s data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has imposed a temporary ban on Meta from processing users’ personal data for training its artificial intelligence (AI) models. “The National Data Protection Authority (ANPD) issued […]

Pierluigi Paganini July 04, 2024
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform

Technology company Splunk released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. Technology company Splunk addressed 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including four high-severity flaws. The vulnerability CVE-2024-36985 is a Remote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archiver“ application in Splunk […]

Pierluigi Paganini July 03, 2024
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors

An international law enforcement operation code-named Operation Morpheus led to the takedown of 593 Cobalt Strike servers used by crooks. An international law enforcement operation, code-named Operation Morpheus, aimed at combatting the criminal abuse of an older, unlicensed version of the Cobalt Strike red teaming tool. The Cobalt Strike platform was developed for Adversary Simulations […]

Pierluigi Paganini July 02, 2024
Australian man charged for Evil Twin Wi-Fi attacks on domestic flights

An Australian man has been charged with carrying out ‘Evil Twin’ Wi-Fi attack during a domestic flight to steal user credentials and data. An Evil Twin Wi-Fi attack is a type of cyberattack where a threat actor sets up a rogue wireless access point that mimics a legitimate one. The goal is to trick users […]

Pierluigi Paganini July 02, 2024
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware

Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-2024-20399 (CVSS score of 6.0), that the China-linked group Velvet Ant exploited to deploy previously unknown malware as root on vulnerable switches. The flaw resides in the […]

Pierluigi Paganini July 01, 2024
Critical unauthenticated remote code execution flaw in OpenSSH server

A critical flaw in the OpenSSH server can be exploited to achieve unauthenticated remote code execution with root privileges in glibc-based Linux systems. OpenSSH maintainers addressed a critical vulnerability, tracked as CVE-2024-6387, that can lead to unauthenticated remote code execution with root privileges in glibc-based Linux systems. OpenSSH maintained have addressed the vulnerability with the […]

Pierluigi Paganini July 01, 2024
Juniper Networks fixed a critical authentication bypass flaw in some of its routers

Juniper Networks released out-of-band security updates to address a critical authentication bypass vulnerability impacting some of its routers. Juniper Networks has released out-of-band security updates to address a critical vulnerability, tracked as CVE-2024-2973 (CVSS score of 10.0), that could lead to an authentication bypass in some of its routers. The company discovered the vulnerability during […]

Pierluigi Paganini July 01, 2024
Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769

Experts spotted threat actors exploiting the critical vulnerability CVE-2024-0769 affects all D-Link DIR-859 WiFi routers. Researchers from cybersecurity firm GreyNoise have spotted exploitation attempts for the critical vulnerability CVE-2024-0769 (CVSS score 9.8) impacting all D-Link DIR-859 WiFi routers. The vulnerability is a path traversal issue that can lead to information disclosure. Threat actors are exploiting the […]

Pierluigi Paganini June 30, 2024
Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Infosys McCamish Systems data breach impacted over 6 million people A cyberattack shut down the University Hospital Centre […]