Vulnerability Blog News (408) - 2024

DATE | NAME | Info | CATEG. | WEB

2.11.24
Attacker Abuses Victim Resources to Reap Rewards from Titan Network
In this blog entry, we discuss how an attacker took advantage of the Atlassian Confluence vulnerability CVE-2023-22527 to connect servers to the Titan Network for cryptomining purposes.
Vulnerability blog | Trend Micro

2.11.24
Command Injection and Local File Inclusion in Grafana: CVE-2024-9264
The SonicWall Capture Labs threat research team became aware of a critical vulnerability in Grafana, assessed its impact and developed mitigation measures. Grafana is a multi-platform open-source analytics and visualization platform that produces charts, graphs and alerts from the data sources connected to it.
Vulnerability blog | SonicWall

2.11.24
Code Injection in Spring Cloud: CVE-2024-37084
The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-37084, assessed its impact and developed mitigation measures for this vulnerability.
Vulnerability blog | SonicWall

2.11.24
VMware vCenter Server CVE-2024-38812 DCERPC Vulnerability
CVE-2024-38812 is a critical heap-overflow vulnerability in VMware vCenter Server's implementation of the DCERPC (Distributed Computing Environment / Remote Procedure Call) protocol. A malicious actor with network access to the vCenter Server can send specially crafted packets that potentially lead to remote code execution (RCE). The vulnerability is classified as CWE-122 (Heap-based Buffer Overflow): data is written past the end of a heap allocation, corrupting adjacent memory and producing behaviour an attacker can steer toward code execution.
Vulnerability blog | SonicWall

2.11.24
Insecure Deserialization in Veeam Backup and Replication: CVE-2024-40711
The SonicWall Capture Labs threat research team became aware of an insecure deserialization vulnerability in Veeam Backup & Replication, assessed its impact and developed mitigation measures. Veeam Backup & Replication is a proprietary backup application developed by Veeam for virtual environments built on VMware vSphere, Nutanix AHV and Microsoft Hyper-V hypervisors.
Vulnerability blog | SonicWall

2.11.24
NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities
Cisco Talos' Vulnerability Research team recently discovered five NVIDIA out-of-bounds access vulnerabilities in shader processing, as well as eleven LevelOne router vulnerabilities spanning a range of possible exploits. For Snort coverage that can detect the exploitation of
Vulnerability blog | Cisco Blog

2.11.24
Vulnerability in popular PDF reader could lead to arbitrary code execution; Multiple issues in GNOME project
Talos also discovered three vulnerabilities in Veertu's Anka Build, a suite of software designed to test macOS or iOS applications in CI/CD environments.
Vulnerability blog | Cisco Blog

2.11.24
Largest Patch Tuesday since July includes two exploited in the wild, three critical vulnerabilities
The two vulnerabilities that Microsoft reports have been actively exploited in the wild and are publicly known are both rated as only being of "moderate" severity.
Vulnerability blog | Cisco Blog

2.11.24
Breaking Boundaries: Investigating Vulnerable Drivers and Mitigating Risks
Have you ever wondered why there are so many vulnerable drivers and what might be causing them to be vulnerable? Do you want to understand why some drivers are prone to crossing security boundaries and how we can stop that?
Vulnerability blog | Check Point

2.11.24
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
In our previous post, Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models, we introduced our framework for large-language-model-assisted vulnerability research and demonstrated its potential by improving the state-of-the-art performance on Meta's CyberSecEval2 benchmarks. Since then, Naptime has evolved into Big Sleep, a collaboration between Google Project Zero and Google DeepMind.
Vulnerability blog | Project Zero

2.11.24
The Windows Registry Adventure #4: Hives and the registry layout
To a normal user or even a Win32 application developer, the registry layout may seem simple: there are five root keys that we know from Regedit (abbreviated as HKCR, HKLM, HKCU, HKU and HKCC), and each of them contains a nested tree structure that serves a specific role in the system.
Vulnerability blog | Project Zero

2.11.24
Effective Fuzzing: A Dav1d Case Study
Late in 2023, while working on a 20% project with Project Zero, I found an integer overflow in the dav1d AV1 video decoder. That integer overflow leads to an out-of-bounds write to memory. Dav1d 1.4.0 patched this, and it was assigned CVE-2024-1580.
Vulnerability blog | Project Zero

21.9.24
Vulnerabilities in Cellular Packet Cores Part IV: Authentication
Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC), both of which have now been resolved and are discussed in this blog post.
Vulnerability blog | Trend Micro

21.9.24
Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability (CVE-2024-20017) Threatens Routers and Smartphones
The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-20017, assessed its impact and developed mitigation measures for the vulnerability. CVE-2024-20017 is a critical zero-click vulnerability with a CVSS 3.0 score
Vulnerability blog | SonicWall

14.9.24
Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities
In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software's WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671.
Vulnerability blog | Trend Micro

14.9.24
Hold – Verify – Execute: Rise of Malicious POCs Targeting Security Researchers
While investigating CVE-2024-5932, a code injection vulnerability in the GiveWP WordPress plugin, our team encountered a malicious proof of concept (POC) targeting cybersecurity professionals. Threat actors increasingly use such booby-trapped POCs against security professionals to achieve their own goals, such as crypto mining, data exfiltration and backdoor installation.
Vulnerability blog | SonicWall

14.9.24
Vulnerability in Tencent WeChat custom browser could lead to remote code execution
While this issue was disclosed and patched in the V8 engine in June 2023, the WeChat WebView component was not updated and still remained vulnerable when Talos reported it to the vendor.
Vulnerability blog | Cisco Blog

14.9.24
Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API
CVE-2024-38257 is considered "less likely" to be exploited, though it does not require any user interaction or user privileges.
Vulnerability blog | Cisco Blog

14.9.24
Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score
September's monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical.
Vulnerability blog | Cisco Blog

7.9.24
CVE-2024-23119: Critical SQL Injection Vulnerability in Centreon
The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-23119, assessed its impact and developed mitigation measures for this vulnerability. CVE-2024-23119 is a high-severity SQL injection vulnerability in Centreon, impacting Centreon
Vulnerability blog | SonicWall

31.8.24
Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
A technical analysis of how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim's system.
Vulnerability blog | Trend Micro

31.8.24
CVE-2024-7928: FastAdmin Unauthenticated Path Traversal Vulnerability
The SonicWall Capture Labs threat research team became aware of an unauthenticated directory traversal vulnerability affecting FastAdmin installations. Identified as CVE-2024-7928 and given a moderate CVSSv3 score of 5.3, the vulnerability is more severe than it initially appears.
Vulnerability blog | SonicWall

31.8.24
The vulnerabilities we uncovered by fuzzing µC/OS protocol stacks
Fuzzing has long been one of our favorite ways to search for security issues or vulnerabilities in software, but when it comes to fuzzing popular systems used in ICS environments, it has traditionally involved a custom hardware setup to fuzz the code in its native environment.
Vulnerability blog | Cisco Blog

31.8.24
Fuzzing µC/OS protocol stacks, Part 1: HTTP server fuzzing
Any vulnerability in an RTOS has the potential to affect many devices across multiple industries.
Vulnerability blog | Cisco Blog

31.8.24
Fuzzing µC/OS protocol stacks, Part 2: Handling multiple requests per test case
This time, I'll discuss why this approach is more challenging than simply substituting a socket file descriptor with a typical file descriptor.
Vulnerability blog | Cisco Blog

31.8.24
Fuzzing µC/OS protocol stacks, Part 3: TCP/IP server fuzzing, implementing a TAP driver
This is the final post in the three-part series that details techniques I used to fuzz two µC/OS protocol stacks: µC/TCP-IP and µC/HTTP-server.
Vulnerability blog | Cisco Blog

31.8.24
Analysis of two arbitrary code execution vulnerabilities affecting WPS Office
Demystifying CVE-2024-7262 and CVE-2024-7263.
Vulnerability blog | ESET

24.8.24
Cisco Smart Software Manager On-Prem Account Takeover
The SonicWall Capture Labs threat research team became aware of an account takeover vulnerability in Cisco's Smart Software Manager (SSM) On-Prem, assessed its impact and developed mitigation measures for the vulnerability.
Vulnerability blog | SonicWall

24.8.24
Understanding CVE-2024-38063: How SonicWall Prevents Exploitation
CVE-2024-38063 is a critical remote code execution vulnerability in Windows systems with the IPv6 stack enabled, carrying a CVSS score of 9.8. This zero-click, wormable flaw allows attackers to execute arbitrary code remotely via specially crafted IPv6 packets, potentially leading to full system compromise.
Vulnerability blog | SonicWall

10.8.24
SonicWall Discovers Second Critical Apache OFBiz Zero-Day Vulnerability
The SonicWall Capture Labs threat research team has discovered a pre-authentication remote code execution vulnerability in Apache OFBiz, tracked as CVE-2024-38856 with a CVSS score of 9.8. This is the second major flaw SonicWall has discovered in Apache OFBiz in recent months, the first coming in December 2023.
Vulnerability blog | SonicWall

10.8.24
Protect Your Network: Mitigating the Latest Vulnerability (CVE-2024-5008) in Progress WhatsUp Gold
The SonicWall Capture Labs threat research team became aware of an arbitrary file upload vulnerability in Progress WhatsUp Gold, assessed its impact and developed mitigation measures. WhatsUp Gold is network monitoring software that tracks every connected device on the network, providing visibility into the IT infrastructure, and helps pinpoint and resolve infrastructure issues through its workflows and system integrations.
Vulnerability blog | SonicWall

3.8.24
GeoServer RCE Vulnerability (CVE-2024-36401) Being Exploited In the Wild
The SonicWall Capture Labs threat research team became aware of a remote code execution vulnerability in GeoServer, assessed its impact and developed mitigation measures. GeoServer is a community-driven project that allows users to share and edit geospatial data.
Vulnerability blog | SonicWall

3.8.24
Protecting SmartPLC Devices from Critical Hardcoded Credential Vulnerability CVE-2024-28747
The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-28747, a vulnerability in SmartPLC devices, assessed its impact and developed mitigation measures for this vulnerability.
Vulnerability blog | SonicWall

3.8.24
There is no real fix to the security issues recently found in GitHub and other similar software
The lesson for users, especially if you're a private company that primarily uses GitHub, is just to understand the inherent dangers of using open-source software.
Vulnerability blog | Cisco Blog

27.7.24
The Potential Impact of the OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409
We check the OpenSSH vulnerabilities CVE-2024-6387 and CVE-2024-6409, examining their potential real-world impact and the possibility of exploitation for CVE-2024-6387 on x64 systems.
Vulnerability blog | Trend Micro

27.7.24
Critical Splunk Vulnerability CVE-2024-36991: Patch Now to Prevent Arbitrary File Reads
The SonicWall Capture Labs threat research team became aware of an arbitrary file read vulnerability affecting Splunk Enterprise installations. Identified as CVE-2024-36991 and given a CVSSv3 score of 7.5, the vulnerability is more severe than it initially appeared.
Vulnerability blog | SonicWall

20.7.24
CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks
Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by the APT group Void Banshee to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been patched.
Vulnerability blog | Trend Micro

20.7.24
Container Breakouts: Escape Techniques in Cloud Environments
Container escapes are a notable security risk for organizations, because they can be a critical step of an attack chain that gives malicious threat actors access. We previously published one such attack chain in an article about a runC vulnerability.
Vulnerability blog | Palo Alto

13.7.24
Microsoft Security Bulletin Coverage for July 2024
Microsoft's July 2024 Patch Tuesday has 138 vulnerabilities, 59 of which are remote code execution. The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft's security advisories for the month of July 2024 and has produced coverage for 7 of the reported vulnerabilities.
Vulnerability blog | SonicWall

13.7.24
Adobe Commerce Unauthorized XXE Vulnerability
The SonicWall Capture Labs threat research team became aware of an XML External Entity Reference vulnerability affecting Adobe Commerce and Magento Open Source. It is identified as CVE-2024-34102 and given a critical CVSSv3 score of 9.8. Labeled as an Improper Restriction of XML External Entity Reference ('XXE') vulnerability and categorized as CWE-611, it lets an attacker make the server's XML parser read private files it should never expose, such as those containing passwords. Successful exploitation could lead to arbitrary code execution, security feature bypass, and privilege escalation.
Vulnerability blog | SonicWall
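The CWE-611 pattern described in that entry, as an added example that is not SonicWall's, Adobe's or Magento's code: a constructed order document whose DTD declares an external entity pointing at a throwaway secrets file, parsed once with Python's SAX parser configured to resolve external general entities (the vulnerable setting) and once with the default, hardened setting. The file name env.php and the `<order>` schema are assumptions made for the demonstration.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class TextCollector(ContentHandler):
    """Collects every run of character data the parser emits, including text
    that arrives through entity expansion."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)

    def text(self):
        return "".join(self.parts)


def parse_order(xml_bytes, allow_external_entities):
    """Parse an order document and return its text content.

    allow_external_entities=True reproduces the CWE-611 misconfiguration: the
    parser follows <!ENTITY ... SYSTEM "..."> declarations and splices the
    referenced file (or URL) into the document. False, the default in current
    Python, leaves such entities unexpanded.
    """
    handler = TextCollector()
    parser = xml.sax.make_parser()
    parser.setContentHandler(handler)
    parser.setFeature(feature_external_ges, allow_external_entities)
    parser.parse(io.BytesIO(xml_bytes))
    return handler.text().strip()


def has_dtd(xml_bytes):
    """Defence in depth for an API endpoint: a request body that carries a
    DOCTYPE or entity declaration should be rejected before any parser sees
    it, whatever that parser's entity settings happen to be."""
    return b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes


def run_demo(allow_external_entities):
    """Stand-in for the server side of an XXE: a throwaway file plays the part
    of the private file (constructed), and the XML is the attacker's request
    body (constructed). Returns the text the application would hand back."""
    with tempfile.TemporaryDirectory() as workdir:
        secret_path = os.path.join(workdir, "env.php")  # assumed file name
        with open(secret_path, "w", encoding="utf-8") as fh:
            fh.write("db_password=hunter2")
        # The classic payload points SYSTEM at file:///etc/passwd; an absolute
        # path resolves the same way and keeps the demo inside the temp dir.
        payload = b"".join([
            b'<?xml version="1.0"?>\n',
            b"<!DOCTYPE order [\n",
            b'  <!ENTITY xxe SYSTEM "' + secret_path.encode() + b'">\n',
            b"]>\n",
            b"<order><sku>&xxe;</sku></order>\n",
        ])
        return parse_order(payload, allow_external_entities)


if __name__ == "__main__":
    print("vulnerable parser returned:", repr(run_demo(True)))
    print("hardened parser returned:  ", repr(run_demo(False)))
```

With the vulnerable setting the `<sku>` element comes back holding the contents of the secrets file; with the default setting it is empty. In lxml the equivalent switch is `resolve_entities=False` on `XMLParser`, and defusedxml refuses DTDs outright, which is what `has_dtd` approximates here.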

13.7.24
Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks in Internet Shortcut File to Lure Victims (CVE-2024-38112)
Check Point Research recently discovered that threat actors have been using novel (or previously unknown) tricks to lure Windows users and achieve remote code execution.
Vulnerability blog | Check Point

13.7.24
15 vulnerabilities discovered in software development kit for wireless routers
Talos researchers discovered these vulnerabilities in the Jungle SDK while researching other vulnerabilities in the LevelOne WBR-6013 wireless router.
Vulnerability blog | Cisco Blog

13.7.24
Largest Patch Tuesday in 3 months includes 5 critical vulnerabilities
This is the largest Patch Tuesday since April, when Microsoft patched 150 vulnerabilities.
Vulnerability blog | Cisco Blog

6.7.24
High-Risk Path Traversal in SolarWinds Serv-U
The SonicWall Capture Labs threat research team became aware of a path traversal vulnerability in SolarWinds Serv-U, assessed its impact and developed mitigation measures.
Vulnerability blog | SonicWall

29.6.24
Multiple vulnerabilities in TP-Link Omada system could lead to root access
Affected devices could include wireless access points, routers, switches and VPNs.
Vulnerability blog | Cisco Blog

15.6.24
Microsoft Security Bulletin Coverage for June 2024
Microsoft's June 2024 Patch Tuesday has 49 vulnerabilities, 24 of which are elevation of privilege. The SonicWall Capture Labs threat research team has analyzed and addressed Microsoft's security advisories for the month of June 2024 and has produced coverage for seven of the reported vulnerabilities.
Vulnerability blog | SonicWall

15.6.24
Critical Path Traversal Vulnerability in Check Point Security Gateways (CVE-2024-24919)
The SonicWall Capture Labs threat research team became aware of an exploited-in-the-wild information disclosure vulnerability affecting Check Point Security Gateways. Identified as CVE-2024-24919 and given a CVSSv3 score of 8.6, the vulnerability is more severe than it initially appears.
Vulnerability blog | SonicWall

15.6.24
Only one critical issue disclosed as part of Microsoft Patch Tuesday
The lone critical security issue is a remote code execution vulnerability due to a use-after-free issue in the HTTP handling function of Microsoft Message Queuing.
Vulnerability blog | Cisco Blog
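Path traversal turns up four times in this list (FastAdmin, Splunk, Serv-U and the Check Point gateways). As an added example, not code from any of those vendors or from SonicWall, this is the check a practitioner would put in front of a file-serving route: decode, normalise and then resolve the requested path, and only serve it if the resolved file still lies under the document root. The sample request paths, the root directory layout and the escaping symlink are all constructed here; the symlink case needs a platform that supports symlinks.

```python
import os
import posixpath
import tempfile
from urllib.parse import unquote


class TraversalAttempt(ValueError):
    """Raised for any request path that would leave the document root."""


def normalise_request_path(raw):
    """Bring a user-supplied path into canonical form before any check runs.

    Decoding is repeated until the string stops changing so that double
    encoding (%252e%252e) is unwrapped; backslashes count as separators
    because Windows file APIs accept them; a NUL byte is rejected outright
    since it truncates the path in C-based servers.
    """
    decoded = raw
    for _ in range(3):
        once = unquote(decoded)
        if once == decoded:
            break
        decoded = once
    if unquote(decoded) != decoded:
        raise TraversalAttempt("path is encoded too many times")
    if "\x00" in decoded:
        raise TraversalAttempt("NUL byte in path")
    return posixpath.normpath(decoded.replace("\\", "/"))


def safe_join(root, raw_request_path):
    """Return the absolute file path for a request, or raise TraversalAttempt.

    Two independent checks: the lexical one rejects anything that is absolute
    or still climbs above the root after normalisation; the filesystem one
    (realpath + commonpath) catches escapes that only exist on disk, such as a
    symlink inside the root that points outside it.
    """
    root_real = os.path.realpath(root)
    rel = normalise_request_path(raw_request_path)
    if rel.startswith("/") or rel == ".." or rel.startswith("../"):
        raise TraversalAttempt(f"rejected {raw_request_path!r}")
    candidate = os.path.realpath(os.path.join(root_real, rel))
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise TraversalAttempt(f"{raw_request_path!r} escapes the root")
    return candidate


# Constructed request paths, mirroring the shapes seen in traversal exploits.
SAMPLE_REQUESTS = [
    "reports/q3.txt",              # ordinary file under the root
    "reports/../q3.txt",           # stays inside the root after normalising
    "../../etc/passwd",            # plain traversal
    "%2e%2e/%2e%2e/etc/passwd",    # URL-encoded dots
    "%252e%252e/etc/passwd",       # double-encoded dots
    "..\\..\\windows\\win.ini",    # backslash separators
    "/etc/passwd",                 # absolute path
    "reports/../../etc/passwd",    # climbs out after a legitimate prefix
    "q3.txt%00.jpg",               # NUL-byte truncation
    "link/secret.txt",             # symlink inside the root pointing outside
]


def demo():
    """Build a throwaway document root (constructed) and classify each sample
    request as 'allowed' or 'rejected'."""
    results = {}
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as outside:
        os.mkdir(os.path.join(root, "reports"))
        for name in ("reports/q3.txt", "q3.txt"):
            with open(os.path.join(root, name), "w") as fh:
                fh.write("quarterly numbers\n")
        with open(os.path.join(outside, "secret.txt"), "w") as fh:
            fh.write("db_password=hunter2\n")
        os.symlink(outside, os.path.join(root, "link"))
        for request in SAMPLE_REQUESTS:
            try:
                safe_join(root, request)
                results[request] = "allowed"
            except TraversalAttempt:
                results[request] = "rejected"
    return results


if __name__ == "__main__":
    for request, verdict in demo().items():
        print(f"{verdict:8s} {request}")
```

The lexical check alone would have passed `link/secret.txt`, and the realpath check alone would have quietly served `/etc/passwd` for `../../etc/passwd` if the root happened to be `/`; keeping both is the point.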

1.6.24
Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges
Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read vulnerabilities that could lead to the exposure of sensitive contents of arbitrary memory in the application.
Vulnerability blog | Cisco Blog

18.5.24
Only one critical vulnerability included in May's Microsoft Patch Tuesday; One other zero-day in DWM Core
The lone critical security issue is CVE-2024-30044, a remote code execution vulnerability in SharePoint Server.
Vulnerability blog | Cisco Blog

18.5.24
A new alert system from CISA seems to be effective — now we just need companies to sign up
Under a pilot program, CISA has sent out more than 2,000 alerts to registered organizations regarding the existence of unpatched vulnerabilities from CISA's KEV catalog.
Vulnerability blog | Cisco Blog

11.5.24
Talos discloses multiple zero-day vulnerabilities, two of which could lead to code execution
Two vulnerabilities in this group — one in the Tinyproxy HTTP proxy daemon and another in the stb_vorbis.c file library — could lead to arbitrary code execution, earning both issues a CVSS score of 9.8 out of 10.
Vulnerability blog | Cisco Blog

4.5.24
Vulnerabilities in employee management system could lead to remote code execution, login credential theft
Talos also recently helped to responsibly disclose and patch other vulnerabilities in the Foxit PDF Reader and two open-source libraries that support the processing and handling of DICOM files.
Vulnerability blog | Cisco Blog

20.4.24
The Windows Registry Adventure #2: A brief history of the feature
Before diving into the low-level security aspects of the registry, it is important to understand its role in the operating system and a bit of history behind it. In essence, the registry is a hierarchical database made of named "keys" and "values", used by Windows and applications to store a variety of settings and configuration data.
Vulnerability blog | Project Zero

20.4.24
The Windows Registry Adventure #1: Introduction and research results
In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs.
Vulnerability blog | Project Zero

13.4.24
Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400
Palo Alto Networks and Unit 42 are engaged in tracking activity related to CVE-2024-3400 and are working with external researchers, partners and customers to share information transparently and rapidly.
Vulnerability blog | Palo Alto

13.4.24
Vulnerability in some TP-Link routers could lead to factory reset
There are also two out-of-bounds write vulnerabilities in the AMD Radeon user mode driver for DirectX 11.
Vulnerability blog | Cisco Blog

31.3.24
Threat Brief: Vulnerability in XZ Utils Data Compression Library Impacting Multiple Linux Distributions (CVE-2024-3094)
On March 28, 2024, Red Hat announced CVE-2024-3094 with a critical CVSS score of 10. This vulnerability is the result of a supply chain compromise affecting versions 5.6.0 and 5.6.1 of XZ Utils, data compression software included in major Linux distributions.
Vulnerability blog | Palo Alto

31.3.24
Exposing a New BOLA Vulnerability in Grafana
Unit 42 researchers have discovered a new Broken Object Level Authorization (BOLA) vulnerability that impacts Grafana versions from 9.5.0 before 9.5.18, from 10.0.0 before 10.0.13, from 10.1.0 before 10.1.9, from 10.2.0 before 10.2.6, and from 10.3.0 before 10.3.5.
Vulnerability blog | Palo Alto
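The object-level check that a BOLA of the kind described above is missing, as an added example that is neither Grafana's code nor Unit 42's: an in-memory dashboard store shared by two organisations, a handler that looks objects up by ID alone (the vulnerable shape) beside one that scopes every lookup to the caller's organisation and only then applies the role check. Organisations, users, dashboard IDs and the role names Viewer/Editor/Admin are all constructed for the demonstration.

```python
from dataclasses import dataclass


class NotFound(Exception):
    """Object does not exist, or is not visible to this caller (same response)."""


class Forbidden(Exception):
    """Object is visible but the caller's role does not permit the action."""


@dataclass(frozen=True)
class Caller:
    user: str
    org_id: int
    role: str  # "Viewer", "Editor" or "Admin" (assumed role names)


@dataclass
class Dashboard:
    id: int
    org_id: int
    title: str


def sample_store():
    """Constructed sample data: two tenants sharing one global ID space, which
    is exactly the situation where 'look it up by ID' leaks across tenants."""
    return {
        1: Dashboard(1, 1, "Org 1 - Prod SLOs"),
        2: Dashboard(2, 2, "Org 2 - Billing"),
        3: Dashboard(3, 2, "Org 2 - Customer PII"),
    }


def get_dashboard_vulnerable(store, caller, dashboard_id):
    """BOLA: the caller is authenticated, but nothing ties the requested object
    to the caller, so any valid ID from any organisation is returned."""
    dashboard = store.get(dashboard_id)
    if dashboard is None:
        raise NotFound(dashboard_id)
    return dashboard


def get_dashboard_fixed(store, caller, dashboard_id):
    """Object-level authorization: the lookup itself is scoped to the caller's
    organisation. 'Missing' and 'not yours' produce the same NotFound so the
    response does not confirm which IDs exist in other tenants."""
    dashboard = store.get(dashboard_id)
    if dashboard is None or dashboard.org_id != caller.org_id:
        raise NotFound(dashboard_id)
    return dashboard


def rename_dashboard_fixed(store, caller, dashboard_id, new_title):
    """Object-level check first, then the function-level (role) check. A role
    check on its own would still let an Editor of org 2 edit org 1's objects."""
    dashboard = get_dashboard_fixed(store, caller, dashboard_id)
    if caller.role not in ("Editor", "Admin"):
        raise Forbidden(caller.role)
    dashboard.title = new_title
    return dashboard


def enumerate_visible(handler, store, caller, id_range):
    """What an attacker learns by walking the ID space through a handler."""
    visible = []
    for dashboard_id in id_range:
        try:
            handler(store, caller, dashboard_id)
            visible.append(dashboard_id)
        except NotFound:
            pass
    return visible


def outcome(handler, *args):
    """Run a handler and report 'ok', 'not_found' or 'forbidden'."""
    try:
        handler(*args)
        return "ok"
    except NotFound:
        return "not_found"
    except Forbidden:
        return "forbidden"


if __name__ == "__main__":
    store = sample_store()
    viewer_org1 = Caller("alice", 1, "Viewer")
    print("vulnerable:", enumerate_visible(get_dashboard_vulnerable, store, viewer_org1, range(1, 10)))
    print("fixed:     ", enumerate_visible(get_dashboard_fixed, store, viewer_org1, range(1, 10)))
```

Walking IDs 1 to 9 as a Viewer in org 1 yields every dashboard through the vulnerable handler and only dashboard 1 through the fixed one; the rename path shows why the tenant check has to come before the role check rather than instead of it.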
23.3.24
Netgear wireless router open to code execution after buffer overflow vulnerability
There is also a newly disclosed vulnerability in a graphics driver for some NVIDIA GPUs that could lead to a memory leak.
Vulnerability blog | Cisco Blog

23.3.24
Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word
Research conducted by Cisco Talos last year uncovered multiple vulnerabilities rated as low severity despite their ability to allow for full arbitrary code execution.
Vulnerability blog | Cisco Blog

23.3.24
Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft
March's Patch Tuesday is relatively light, containing 60 vulnerabilities — only two labeled "critical."
Vulnerability blog | Cisco Blog

9.3.24
Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities
Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. In at least one case, Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group's arsenal within one day of a POC for it being published.
Vulnerability blog | Check Point

2.3.24
Vulnerabilities in business VPNs under the spotlight
As adversaries increasingly set their sights on vulnerable enterprise VPN software to infiltrate corporate networks, concerns mount about VPNs themselves being a source of cyber risk.
Vulnerability blog | ESET

25.2.24
Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
On Feb. 13, 2024, ConnectWise was notified of two vulnerabilities impacting their remote desktop software application ScreenConnect. These vulnerabilities were first reported through their vulnerability disclosure channel in the ConnectWise Trust Center.
Vulnerability blog | Palo Alto

25.2.24
How CVSS 4.0 changes (or doesn't) the way we see vulnerability severity
While distilling risk down to a simple numerical score is helpful for many in the security space, it is also an imperfect system that can often leave out important context.
Vulnerability blog | Cisco Blog

18.2.24
New Vulnerability in QNAP QTS Firmware: CVE-2023-50358
This article provides technical analysis of a zero-day vulnerability affecting QNAP Network Attached Storage (NAS) devices.
Vulnerability blog | Palo Alto

18.2.24
Cyber-insurance and vulnerability scanning – Week in security with Tony Anscombe
Here's how the results of vulnerability scans factor into decisions on cyber-insurance and how human intelligence comes into play in the assessment of such digital signals.
Vulnerability blog | ESET

10.2.24
OAS Engine Deep Dive: Abusing low-impact vulnerabilities to escalate privileges
Open Automation Software recently released patches for multiple vulnerabilities in their OAS Engine. Cisco Talos publicly disclosed these issues after working with Open Automation Software to ensure that patches were available for users. Now that a fix has been released with Ve
Vulnerability blog | Cisco Blog