CVE Alert: CVE-2024-11268
Vulnerability Summary: CVE-2024-11268 A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious...
Month: December 2024
CVE Alert: CVE-2024-54147
Vulnerability Summary: CVE-2024-54147 Altair is a GraphQL client for all platforms. Prior to version 8.0.5, Altair GraphQL Client's desktop app...
CVE Alert: CVE-2024-54151
Vulnerability Summary: CVE-2024-54151 Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 11.0.0...
CVE Alert: CVE-2024-54149
Vulnerability Summary: CVE-2024-54149 Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Winter CMS...
CVE Alert: CVE-2024-12174
Vulnerability Summary: CVE-2024-12174 An Improper Certificate Validation vulnerability exists in Tenable Security Center where an authenticated, privileged attacker could intercept...
CVE Alert: CVE-2024-12369
Vulnerability Summary: CVE-2024-12369 A vulnerability was found in OIDC-Client. When using the RH SSO OIDC adapter with EAP 7.x or...
[FUNKSEC] – Ransomware Victim: kurosu[.]com[.]py Breach
Ransomware Group: FUNKSEC VICTIM NAME: kurosucompy Breach NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[FUNKSEC] – Ransomware Victim: gervetusa[.]com Breach
Ransomware Group: FUNKSEC VICTIM NAME: gervetusacom Breach NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Ladies.com – 118,809 breached accounts
HIBP In 2024, the lesbian dating website ladies.com suffered a data breach. Attributed to an exposed Firebase database, the breach...
Senior Dating – 765,517 breached accounts
HIBP In 2024, the 40+ dating website Senior Dating suffered a data breach. Attributed to an exposed Firebase database, the...
CISA: Citrix Releases Security Updates for NetScaler and Citrix Session Recording
Citrix Releases Security Updates for NetScaler and Citrix Session Recording Citrix released security updates to address multiple vulnerabilities in NetScaler...
CISA: Fortinet Releases Security Updates for Multiple Products
Fortinet Releases Security Updates for Multiple Products Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS....
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on November 12, 2024. These...
CISA: CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities
CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities Today, the Cybersecurity and Infrastructure...
CISA: Ivanti Releases Security Updates for Multiple Products
Ivanti Releases Security Updates for Multiple Products Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti...
CISA: Palo Alto Networks Emphasizes Hardening Guidance
Palo Alto Networks Emphasizes Hardening Guidance Updated November 15, 2024 Palo Alto Networks (PAN) has updated their informational bulletin, noting...
CISA: Microsoft Releases November 2024 Security Updates
Microsoft Releases November 2024 Security Updates Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor...
CISA: CISA Releases Nineteen Industrial Control Systems Advisories
CISA Releases Nineteen Industrial Control Systems Advisories CISA released nineteen Industrial Control Systems (ICS) advisories on November 14, 2024. These...
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA Adds Five Known Exploited Vulnerabilities to Catalog CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: 2024 CWE Top 25 Most Dangerous Software Weaknesses
2024 CWE Top 25 Most Dangerous Software Weaknesses The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Homeland...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple released security updates to address vulnerabilities in multiple Apple products. A cyber...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on November 19, 2024. These...
