CYBERSECURITY / DEFENSE / INTELLIGENCE

1010.TEAM 🇺🇦

/

Archive

/

Tag: Vulnerability

  • The widely used team workspace corporate wiki Confluence has been discovered to have a critical remote code execution vulnerability. This vulnerability has been assigned with CVE-2024-21683 with a severity of 8.3 (High).  This vulnerability affects multiple versions of Confluence Data Center and server, including Data Center version 8.9.0 and Server versions 8.5.0 through 8.5.8 LTS. […] The post Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…

    ·

  • Team82 has uncovered multiple critical vulnerabilities in Honeywell’s ControlEdge Virtual Unit Operations Center (UOC). These vulnerabilities within the EpicMo protocol implementation could potentially allow attackers to execute remote code without authentication. Honeywell has since addressed these issues, but the discovery underscores the ongoing challenges in securing industrial control systems (ICS). ANYRUN malware sandbox’s 8th Birthday Special […] The post Multiple Vulnerabilities in Honeywell VirtualUOC Let Attackers Execute Remote Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A critical remote code execution vulnerability has been discovered in the git clone which was assigned with CVE-2024-32002 and the severity has been given as 9.0 (Critical). This particular vulnerability existed in the clone command that is widely used.  Git released a security advisory last week which stated that about a Remote Code Execution. In […] The post Critical Git Vulnerability Let Attackers Execute Remote Code : PoC Published appeared first on GBHackers on Security | #1 Globally Trusted Cyber…

    ·

  • Wireshark, the world’s foremost and widely used network protocol analyzer, has recently released version 4.2.5, which brings a host of new features and improvements. This latest update promises to enhance the user experience and provide even more powerful tools for network troubleshooting and analysis. One of the most significant additions in Wireshark 4.2.5 is the […] The post Wireshark 4.2.5 Released: What’s New! appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Google has issued an urgent security update for its Chrome browser after discovering a zero-day vulnerability that is currently being exploited by attackers. The vulnerability, tracked as CVE-2024-4761, affects the V8 JavaScript engine and could potentially allow attackers to execute arbitrary code on the user’s computer. Google has responded quickly with a patch, urging all users to update their browsers immediately to the latest version to protect against potential attacks. Free Webinar on Live API Attack Simulation: Book Your Seat | […] The post New Google Chrome Zero-day Exploited in the Wild, Patch Now! appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A critical vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw, identified as FG-IR-23-225, allows attackers to spoof IP addresses and bypass security controls by sending specially crafted packets. It affects multiple versions of FortiOS and FortiProxy. According to the advisory published by Fortinet, the vulnerability stems from improper validation of […] The post FortiOS & FortiProxy SSL-VPN Flaw Allows IP Spoofing via Malicious Packets appeared first on GBHackers on Security | #1 Globally Trusted Cyber…

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

  • In a concerning development for Dell Technologies, a threat actor known as Menelik has reportedly accessed and scraped sensitive customer data from a Dell support portal. This latest security breach, which follows a previous incident involving the theft of physical addresses of 49 million Dell customers, now includes the theft of names, phone numbers, and […] The post Dell Hack: Attacker Steals Customer Phone Numbers & Service Reports appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security…

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

  • In collaboration with Red Balloon Security, Narf Industries, and Niyo Little Thunder Pearson (ONEGas, Inc.), MITER has unveiled EMB3D, a comprehensive threat model designed to address the growing cybersecurity risks faced by embedded devices in critical infrastructure sectors. Embedded devices, widely employed across industries such as oil and gas, electric, water management, automotive, medical, satellite, […] The post MITRE Releases EMB3D Cybersecurity Threat Model for Embedded Devices appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News…

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

  • Cacti, the widely utilized network monitoring tool, has recently issued a critical security update to address a series of vulnerabilities, with the most severe being CVE-2024-25641. This particular vulnerability has been assigned a high severity rating with a CVSS score of 9.1, indicating its potential impact on affected systems. Free Webinar on Live API Attack Simulation: […] The post Critical Cacti Vulnerability Let Attackers Execute Remote Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

    ·

    ¶¶¶¶¶

    ¶¶¶¶¶

  • A zero-day vulnerability in Microsoft Edge, which has been tagged as CVE-2024-4671, has been aggressively exploited by evil organizations, according to reports. This security flaw originates from the Chromium engine that underpins the browser. Chromium is also the foundation for Google Chrome and several other similar browsers. CVE-2024-4671: A Critical Security Breach As a vulnerability […] The post Microsoft Edge Zero-Day Vulnerability Exploited in the Wild appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

    ·