• The Hacker News

Vulnerability / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Su ... Read more

• Cybersecurity News

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical security vulnerabilities being actively exploited by malicious actors. These flaws, impactin ... Read more

• BleepingComputer

​CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the Binding ... Read more

• Help Net Security

The US Cybersecurity and Infrastructure Security Agency (CISA) has shared on Monday that the Treasury Department was the only US federal agency affected by the recent cybersecurity incident involving ... Read more

• The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The ag ... Read more

• Dark Reading

Source: artpartner-images.com via Alamy Stock PhotoA remarkable number of BeyondTrust instances remain connected to the Internet, despite dire warnings Chinese state-sponsored threat actors are active ... Read more

• The Hacker News

Vulnerability / Incident Response The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers ... Read more

• BleepingComputer

Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. In a letter sent to lawmakers and seen by the New York T ... Read more

• Cybersecurity News

Security researcher Alex Birnberg with SSD Secure Disclosure published the technical details and a proof-of-concept (PoC) exploit code for CVE-2024-30085 – a Windows Cloud Files Mini Filter Driver Ele ... Read more

• Cybersecurity News

A severe command injection vulnerability (CVE-2024-56334) has been identified in the widely used Node.js system information package, which has over 8 million monthly downloads and a staggering 330 mil ... Read more

• Cybersecurity News

TRAC Labs recently unveiled a new phishing kit, named WikiKit, which is targeting industries across automotive, manufacturing, medical, and more. This sophisticated attack employs unique techniques to ... Read more

• The Register

in brief Google has announced plans to allow its business customers to begin "fingerprinting" users next year, and the UK Information Commissioner's Office (ICO) isn't happy about it. Fingerprinting i ... Read more

• TheCyberThrone

Incident DiscoveryOn December 2, 2024, BeyondTrust identified a significant security breach during a forensics investigation. This discovery set off a series of urgent actions to mitigate the impact a ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MUT-1244 targeting security researchers, red teamers, and threat actors A threat actor tracked as MUT- ... Read more

• TheCyberThrone

A critical vulnerability has been identified that affects the Databricks JDBC Driver. This vulnerability allows for remote code execution (RCE) through a JNDI injection exploit using a malicious JDBC ... Read more

• security.nl

Securitybedrijf BeyondTrust is getroffen door een aanval waarbij aanvallers hebben ingebroken op de Remote Support SaaS instances van klanten, zo heeft het bedrijf zelf bekendgemaakt. De Amerikaanse o ... Read more

• The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the ... Read more

• TheCyberThrone

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2024-12356: Command Injection Vulnerability in BeyondTrust PRA and RSO ... Read more

• BleepingComputer

Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances. BeyondTrust is a cybersecurity company ... Read more

• Help Net Security

Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. ... Read more

• Help Net Security

Since making Kerberos the default Windows authentication protocol in 2000, Microsoft has been working on eventually retiring NTLM, its less secure and obsolete counterpart. Until NTLM gets disabled by ... Read more

• Help Net Security

On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code ... Read more

• Help Net Security

Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on ... Read more

• Help Net Security

A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distr ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449) Veeam has fixed ... Read more

• Help Net Security

December 2024 Patch Tuesday is now live: Microsoft fixes exploited zero-day (CVE-2024-49138) It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it ... Read more

• Help Net Security

A zero-day vulnerability in the Mitel MiCollab enterprise collaboration suite can be exploited to read files containing sensitive data, watchTowr researcher Sonny Macdonald has disclosed, and followed ... Read more

• Help Net Security

A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results of the hunt Earlier this ... Read more

• Help Net Security

Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for ... Read more

• Help Net Security

Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine. The vulnerab ... Read more