Exploitation
Blog
CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical security vulnerability in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. This flaw (tracked as CVE-2024-50623 and impacting all versions before version 5.8.0.21) enables unauthenticated attackers to gain remote code execution on vulnerable servers exposed online. Cleo released security updates to fix it in October and warned all…
Blog
Everything you need to know about the ‘mass exploitation’ of FortiManager appliances
A vulnerability in Fortinet’s network and security management tool, FortiManager, has been under “mass exploitation” for over three months, according to a report from Google’s threat intelligence arm Mandiant. CVE-2024-47575 is a missing authentication flaw affecting critical functions in FortiManager that would allow an attacker to use an unauthorized, compromised device to execute arbitrary code or commands on other FortiManager…
Blog
Exploitation of Docker remote API servers has reached a “critical level”
Hackers are exploiting unprotected Docker remote API servers to deploy malware, with researchers stating the threat has reached a “critical level” and warning organizations to act now. A report from Trend Micro published on 21 October details how researchers observed an unknown threat actor abusing exposed Docker remote API servers to deploy the ‘perfctl’ malware. The attack sequence begins with…