IT Information Security

Pierluigi Paganini October 20, 2024
F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP

Technology firm F5 patches a high-severity elevation of privilege vulnerability in BIG-IP and a medium-severity flaw in BIG-IQ. F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP […]

Pierluigi Paganini October 19, 2024
U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. This week, Sophos researchers warned that ransomware operators are exploiting the […]

Pierluigi Paganini October 19, 2024
North Korea-linked APT37 exploited IE zero-day in a recent attack

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt, Reaper, ScarCruft, Group123), exploited a recent Internet Explorer zero-day vulnerability, tracked as CVE-2024-38178 (CVSS score 7.5), in a supply chain attack. Threat intelligence firm AhnLab and South […]

Pierluigi Paganini October 19, 2024
Omni Family Health data breach impacts 468,344 individuals

Omni Family Health disclosed a data breach affecting nearly 470,000 current and former patients and employees. Omni Family Health is a nonprofit organization that provides healthcare services to communities in California, focusing on underserved populations. They offer a range of services, including primary care, dental care, behavioral health, and preventive services. Omni Family Health aims […]

Pierluigi Paganini October 18, 2024
Iran-linked actors target critical infrastructure organizations

U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S., Australia, and Canada, warn about a year-long campaign carried out by Iran-linked threat actors to break into critical infrastructure organizations via brute force and password spraying attacks. The attacks […]

Pierluigi Paganini October 18, 2024
macOS HM Surf flaw in TCC allows bypass Safari privacy settings

Microsoft disclosed a flaw in the macOS Apple’s Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulnerability, tracked as CVE-2024-44133 and code-named ‘HM Surf’, in Apple’s Transparency, Consent, and Control (TCC) framework in macOS. Apple’s Transparency, Consent, and Control framework in macOS […]

Pierluigi Paganini October 18, 2024
Two Sudanese nationals indicted for operating the Anonymous Sudan group

The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27) with operating and controlling the cybercrime collective Anonymous Sudan that launched tens of thousands of Distributed Denial of Service (DDoS) attacks […]

Pierluigi Paganini October 17, 2024
Russia-linked RomCom group targeted Ukrainian government agencies since late 2023

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) targeting Ukrainian government agencies and Polish entities in a new wave of attacks since at least late 2023.  In the recent attacks, RomCom […]

Pierluigi Paganini October 17, 2024
A critical flaw in Kubernetes Image Builder could allow attackers to gain root access

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical, Kubernetes Image Builder vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), could allow attackers to gain root access if exploited under specific conditions. Only Kubernetes clusters with nodes using VM images from the Image Builder project and […]

Pierluigi Paganini October 17, 2024
VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability is an authenticated SQL injection vulnerability in HCX, it was privately […]