Posts tagged Vulnerability Management

7 min Patch Tuesday

Patch Tuesday - June 2024

MSMQ RCE again. Office malicious file RCEs. SharePoint RCE. DNSSEC NSEC3 DoS.

2 min Emergent Threat Response

CVE-2024-28995: Trivially Exploitable Information Disclosure Vulnerability in SolarWinds Serv-U

On June 5, 2024, SolarWinds disclosed CVE-2024-28995, a high-severity directory traversal vulnerability affecting the Serv-U file transfer server. Successful exploitation of the vulnerability allows unauthenticated attackers to read sensitive files on the host.

2 min Vulnerability Management

The Dreaded Network Pivot: An Attack Intelligence Story

The spiritual successor to our annual Vulnerability Intelligence Report, the AIR includes data from the Rapid7 research team combined with our detection and response and threat intelligence teams.

4 min Emergent Threat Response

CVE-2024-24919: Check Point Security Gateway Information Disclosure

On May 28, 2024, Check Point published an advisory for CVE-2024-24919, a high-severity information disclosure vulnerability affecting Check Point Security Gateway devices configured with either the “IPSec VPN” or “Mobile Access” software blade.

8 min Patch Tuesday

Patch Tuesday - May 2024

Zero-days in DWM, MSHTML, and Visual Studio. SharePoint critical post-auth RCE. Remote access fixes. Mobile Broadband USB bus.

3 min Emergent Threat Response

Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise

CVE-2024-4040 is an unauthenticated zero-day vulnerability in managed file transfer software CrushFTP. Successful exploitation allows for arbitrary file read as root, authentication bypass for administrator account access, and remote code execution.

4 min Emergent Threat Response

CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls

On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. CVE-2024-3400 allows for arbitrary code execution as root.

13 min Patch Tuesday

Patch Tuesday - April 2024

One late-breaking zero-day vuln. Defender for IoT critical RCEs. Dozens of SQL OLE DB driver RCEs. Microsoft adds CWE and Vector String Source to advisories.

2 min Vulnerability Management

Rapid7 offers continued vulnerability coverage in the face of NVD delays

Recently, the US National Institute of Standards and Technology (NIST) announced on the National Vulnerability Database (NVD) site (http://nvd.nist.gov/) that there would be delays in adding information on newly published CVEs. NVD enriches CVEs with basic details about a vulnerability like the vulnerability’s CVSS score, software products impacted by a CVE, information on the bug, patch status, etc. Since February 12th, 2024, NVD has largely stopped enriching vulnerabilities. Given the…

8 min Vulnerability Management

Patch Tuesday - March 2024

No zero-day vulnerabilities this month. A single critical RCE: Hyper-V guest escape. Exchange malicious DLL RCE. SharePoint ACE. Azure Kubernetes Service Confidential Containers. Windows 11 compressed folders.

3 min Vulnerability Management

High-Risk Vulnerabilities in ConnectWise ScreenConnect

On February 19, 2024, ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7 and earlier.

9 min Patch Tuesday

Patch Tuesday - February 2024

Windows SmartScreen & Internet Shortcuts. Office protected mode bypass. Exchange critical elevation of privilege.

2 min Emergent Threat Response

Critical Fortinet FortiOS CVE-2024-21762 Exploited

CVE-2024-21762 is a critical out-of-bounds write vulnerability in Fortinet's FortiOS operating system that is known to have been exploited in the wild. Fortinet SSL VPN vulnerabilities are frequent targets for state-sponsored and other motivated adversaries.

5 min Vulnerability Management

Whispers of Atlantida: Safeguarding Your Digital Treasure

Recently, Rapid7 observed a new stealer named Atlantida. The stealer tricks users into downloading a malicious file from a compromised website, and uses several evasion techniques such as reflective loading and injection before the stealer is loaded.

7 min Patch Tuesday

Patch Tuesday - January 2024

Hyper-V critical RCE. Office FBX 3D model vuln. SharePoint RCE. Critical Kerberos MitM. No zero-days. Smallest January PT for several years.