Search cyberveille.decio.ch

Found 11 bookmarks

Custom sorting

Threat Response - Critical Authentication Bypass in PAN-OS Management Web Interface

On 18 November 2024, Palo Alto Networks issued a security advisory for an authentication bypass vulnerability in the PAN-OS management web interface. The vulnerability is tracked under CVE-2024-0012 [1] and has a CVSS score for this is 9.3 [2]. The vulnerability allows an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges. As the Northwave CERT has already observed mass exploitation by multiple threat actors, we urge all recipients to implement mitigation measures and patch their systems.

#northwave-cybersecurity #EN #2024 #Critical #Authentication #Bypass #CVE-2024-0012

·northwave-cybersecurity.com·Dec 28, 2024

Threat Response - Critical Authentication Bypass in PAN-OS Management Web Interface

Google Calendar Notifications Bypassing Email Security Policies

Google Calendar is a tool for organizing schedules and managing time, designed to assist individuals and businesses in planning their days efficiently.

#checkpoint #EN #2024 #Google #Calendar #Notifications #phishing #bypass

·blog.checkpoint.com·Dec 20, 2024

Google Calendar Notifications Bypassing Email Security Policies

Zero-Day: How Attackers Use Corrupted Files to Bypass Detection

See technical analysis of a zero-day attack that uses corrupted malicious files to bypass detection by advanced security systems.

#any.run #EN #2024 #Corrupted #Files #Bypass #Detection #Analysis

·any.run·Dec 9, 2024

Zero-Day: How Attackers Use Corrupted Files to Bypass Detection

EDR Bypass Testing Reveals Extortion Actor's Toolkit

A threat actor attempted to use an AV/EDR bypass tool in an extortion attempt. Instead, the tool provided Unit 42 insight into the threat actor.

#paloaltonetworks #EN #2024 #EDR #Bypass #Testing #Toolkit #CortexXDR

·unit42.paloaltonetworks.com·Nov 5, 2024

EDR Bypass Testing Reveals Extortion Actor's Toolkit

The PrintNightmare is not Over Yet

Following the publication of my blog post A Practical Guide to PrintNightmare in 2024, a few people brought to my attention that there was a way to bypass the Point and Print (PnP) restrictions recommended at the end. So, rather than just updating this article with a quick note, I decided to dig a little deeper, and see if I could find a better way to protect against the exploitation of PnP configurations.

#itm4n #EN #2024 #printnightmare #PnP #CVE-2021-34481 #bypass

·itm4n.github.io·Oct 9, 2024

The PrintNightmare is not Over Yet

Ivanti warns of three more CSA zero-days exploited in attacks

American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.

#bleepingcomputer #EN #2024 #Bypass #Ivanti #Code #Command #Actively #Remote #Services #Exploited #Injection #Execution #Security #Zero-Day #CSA #Cloud #Appliance #CVE-2024-9379 #CVE-2024-9380 #CVE-2024-9381

·bleepingcomputer.com·Oct 8, 2024

Ivanti warns of three more CSA zero-days exploited in attacks

Critical Ivanti vTM auth bypass bug now exploited in attacks

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks.

#bleepingcomputer #EN #2024 #Authentication-Bypass #Bypass #CISA #Exploit #Ivanti #PoC

·bleepingcomputer.com·Sep 24, 2024

Critical Ivanti vTM auth bypass bug now exploited in attacks

Critical Exim bug bypasses security filters on 1.5 million mail servers

Censys warns that over 1.5 million Exim mail transfer agent (MTA) instances are unpatched against a critical vulnerability that lets threat actors bypass security filters.

#bleepingcomputer #EN #2024 #Bypass #Email #Exim #Mail #Security-Bypass #Vulnerability

·bleepingcomputer.com·Jul 12, 2024

Critical Exim bug bypasses security filters on 1.5 million mail servers

Bypassing Veeam Authentication CVE-2024-29849

Veeam Backup Enterprise Manager Authentication Bypass

#summoning.team #EN #2024 #Veeam #Backup #Enterprise #Manager #Authentication #Bypass #PoC #CVE-2024-29849

·summoning.team·Jun 11, 2024

Bypassing Veeam Authentication CVE-2024-29849

ConnectWise ScreenConnect: Authentication Bypass Deep Dive

An analysis of the recent ConnectWise ScreenConnect authentication bypass vulnerability, root cause, and indicators of compromise.

#horizon3 #EN #2024 #ConnectWise #ScreenConnect #bypass #vulnerability

·horizon3.ai·Feb 22, 2024

ConnectWise ScreenConnect: Authentication Bypass Deep Dive

CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT | Rapid7 Blog

On 1/22/24, Fortra published a security advisory on CVE-2024-0204, a critical authentication bypass affecting its GoAnywhere MFT secure managed file transfer product prior to version 7.4.1.

#rapid7 #EN #2024 #Critical #Authentication #Bypass #CVE-2024-0204 #Fortra #GoAnywhere

·rapid7.com·Jan 23, 2024

CVE-2024-0204: Critical Authentication Bypass in Fortra GoAnywhere MFT | Rapid7 Blog