Welcome to this week’s Threat Intelligence Roundup! Each week we cover the latest on emerging threats, trends, and top security practices, all tailored just for you.
Threat Intel Thursdays are designed to give you a wider perspective and arm you with the knowledge you need to make smart security decisions.
Threat Intelligence Email Blasts This Week:
Progress Loadmaster Vulnerable to Severe RCE Flaw The Progress LoadMaster software has been found vulnerable to a critical Remote Code Execution (RCE) flaw, carrying a maximum CVSS severity score of 10.0. This vulnerability, identified as CVE-2024-7591, allows attackers to remotely execute arbitrary code by exploiting a deserialization flaw in the product’s API. The flaw affects all versions of LoadMaster prior to v7.2.57.0. If left unpatched, this could allow unauthorized individuals to gain full control over affected systems.
Progress has issued a security patch addressing this critical vulnerability, and organizations are advised to upgrade to the latest version immediately
Ivanti Patches Critical Vulnerabilities in Endpoint Manager Ivanti has released patches for multiple critical vulnerabilities in its Endpoint Manager Mobile (EPMM) software, with CVE-2024-29847 and CVE-2024-8190 being the most severe. These flaws allow unauthenticated attackers to bypass authentication and remotely execute commands on vulnerable systems. This could lead to full control over affected devices, enabling data theft, disruption of operations, or further attacks within the network. Ivanti is urging teams to apply the proper updates immediately.
This Week’s Roundup:
Veeam Exploit Puts Thousands of Backup Servers in Danger A new vulnerability in Veeam Backup & Replication software (CVE-2024-40711) has been discovered, posing a significant risk to backup servers. This flaw allows attackers to exploit the Veeam service account credentials, which could give unauthorized access to backup infrastructures and sensitive data. When successfully exploited, the vulnerability could lead to full control over backup environments, making it possible for attackers to steal or encrypt backup data. Veeam has released patches, and administrators are urged to patch affected devices immediately.
WordPress Requiring 2FA for Plugin Developers by October WordPress.org announced that by October 2024, two-factor authentication (2FA) will be mandatory for all plugin developers. This move aims to strengthen security and reduce the risk of compromised developer accounts, which could lead to malicious updates or plugins. By requiring 2FA, WordPress seeks to protect its large ecosystem and ensure greater safety for website administrators and users.
Cisco Patches Critical Exploits in Network Operating System Cisco has patched several high-severity vulnerabilities in its NX-OS network operating system, including CVE-2024-20398, which has a CVSS score of 8.8. This vulnerability allows an authenticated attacker to execute arbitrary commands on affected devices due to improper input validation in the CLI. Cisco has released updates to address these flaws, and organizations are urged to patch them as soon as possible.
Microsoft Fixes Four Actively Exploited Zero-Days Microsoft has addressed four actively exploited vulnerabilities in its September 2024 Patch Tuesday release. These include a critical flaw in Microsoft Word that could lead to information disclosure and a privilege escalation issue in the Windows Common Log File System (CLFS). If exploited, these vulnerabilities could allow attackers to access sensitive data or gain elevated privileges on affected systems. Microsoft is advising to patch to resolve these issues.
Adobe Issues Patches for Critical Code Execution Flaws in Multiple Products Adobe has released security updates to address critical code execution vulnerabilities in several of its products, including Adobe Acrobat, Reader, and Photoshop. If using Adobe products, teams should update to the newest versions of Adobe products when possible.
Payment Gateway Slim CD Discloses Data Breach Impacting 1.7M Users SLIM CD, a payment processing company, has disclosed a data breach that exposed sensitive customer information. The breach resulted from unauthorized access to the company’s systems, potentially compromising personal data such as credit card numbers and names. SLIM CD has notified affected individuals and is working to enhance its security measures to prevent future incidents.