Found 5 bookmarks
Custom sorting
Check Point - Wrong Check Point (CVE-2024-24919)
Check Point - Wrong Check Point (CVE-2024-24919)
Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This time, it is Check Point who is the focus of our penetrative gaze. Check Point, for those unaware, is the vendor responsible for the 'CloudGuard Network Security' appliance, yet another device claiming to be secure and hardened. Their slogan - "you deserve the best security" - implies they are a company you can trust with the security of your network. A bold claim.
#watchtowr#EN#2024#CVE-2024-24919#checkpoint#analysis#patch-diff
·labs.watchtowr.com·
Check Point - Wrong Check Point (CVE-2024-24919)
Foxit PDF “Flawed Design” Exploitation
Foxit PDF “Flawed Design” Exploitation
PDF (Portable Document Format) files have become an integral part of modern digital communication. Renowned for their universality and fidelity, PDFs offer a robust platform for sharing documents across diverse computing environments. PDFs have evolved into a standard format for presenting text, images, and multimedia content with consistent layout and formatting, irrespective of the software, hardware, or operating system used to view them. This versatility has made PDFs indispensable in fields ranging from business and academia to government and personal use, serving as a reliable means of exchanging information in a structured and accessible manner.
#checkpoint#EN#2024#Foxit#PDF#Exploitation
·research.checkpoint.com·
Foxit PDF “Flawed Design” Exploitation
Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities
Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities
  • Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. At least in one case of Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group’s arsenal as fast as within 1 day after a POC for it was published. Campaigns that we were able to attribute to this actor targeted Ivanti, Magento, Qlink Sense and possibly Apache ActiveMQ. Analysis of the actor’s recent Ivanti Connect Secure VPN campaign revealed a novel Linux version of a malware called NerbianRAT, in addition to WARPWIRE, a JavaScript credential stealer. * The actor’s arsenal also includes MiniNerbian, a small Linux backdoor, and remote monitoring and management (RMM) tools for Windows like ScreenConnect and AnyDesk.
#checkpoint#EN#2024#Magnet-Goblin#1-day#vulnerability#Linux#NerbianRAT
·research.checkpoint.com·
Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities
The Risks of the #MonikerLink Bug in Microsoft Outlook and the Big Picture
The Risks of the #MonikerLink Bug in Microsoft Outlook and the Big Picture
Recently, Check Point Research released a white paper titled “The Obvious, the Normal, and the Advanced: A Comprehensive Analysis of Outlook Attack Vectors”, detailing various attack vectors on Outlook to help the industry understand the security risks the popular Outlook app may bring into organizations. As mentioned in the paper, we discovered an interesting security issue in Outlook when the app handles specific hyperlinks. In this blog post, we will share our research on the issue with the security community and help defend against it. We will also highlight the broader impact of this bug in other software.
#checkpoint#EN#2024#Outlook#CVE-2024-21413#MonikerLink
·research.checkpoint.com·
The Risks of the #MonikerLink Bug in Microsoft Outlook and the Big Picture