CVE-2023-38545 Curl Vulnerability Details Finally Released

On October 5, 2023, we released a blog post discussing the Curl Vulnerability, the critical security issue in Curl and libcurl version 8.4.0, known as CVE-2023-38545. In addition, there was another low-severity vulnerability, CVE-2023-38546. These vulnerabilities were scheduled to be disclosed on October 11, creating significant anticipation. Now, that long-awaited ... Read More

The Details of Microsoft’s September 2023 Patch Tuesday Release

On September 12th, 2023, Microsoft released their September Patch Tuesday and revealed 59 Microsoft CVEs; 47 of them are HIGH severity and 12 of them are MEDIUM severity, along with 7 other non-Microsoft CVEs. CVE-2023-36802 and CVE-2023-36761 are known to be exploited in the wild according to the CISA KEV ... Read More

2022’s Most Exploited Vulnerabilities: Insights and Future Preparedness

The cybersecurity landscape is a dynamic battlefield where attackers constantly seek out vulnerabilities to exploit. In this context, the release of the list of top 12 routinely exploited vulnerabilities by CISA in August 2022 provides invaluable insights into the ever-evolving nature of cyber threats. Our new report delves into these ... Read More

Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap

Starting May 15, 2023, threat actor Storm-0558 illicitly employed forged Azure Access tokens to gain unauthorized access to user emails in around 25 organizations, encompassing government agencies and various consumer accounts hosted on the public cloud. By June 2023, a Federal Civilian Executive Branch (FCEB) agency noticed unusual MailItemsAccessed ... Read More

Microsoft July 2023 Patch Tuesday Round Up

On July 11th, 2023, Microsoft released their July Patch Tuesday and revealed 130 new CVEs; 5 of them are classified as “Exploitation Detected” by Microsoft and 4 of them were added to the CISA KEV Catalog. The vulnerabilities affect popular platforms such as Windows SmartScreen, Microsoft Office, Microsoft Office Outlook, Windows ... Read More

Widespread Exploitation Continues: MOVEit CVE-2023-34362 Leaves Organizations at Risk

MOVEit CVE-2023-34362 is a Critical SQL Injection vulnerability rated 9.8. It affects all versions of Progress Software’s managed file transfer (MFT) solution, MOVEit Transfer. This vulnerability has the potential to grant unauthorized access. For in-depth information about the vulnerability, including mitigation measures, incident response, and the attack surface, refer to our ... Read More

What You Need to Know About StackRot – CVE-2023-3269

StackRot, identified as CVE-2023-3269, is a 7.8 HIGH use-after-free vulnerability in the Linux kernel versions 6.1 to 6.4 that can lead to privilege escalation. The vulnerability, which was disclosed by Ruihan Li who also released detailed information about it, is caused by a change in the VMA (Virtual Memory Address) ... Read More

Microsoft June “Patch Tuesday” Addresses 73 Vulnerabilities

On June 13th, Microsoft released their June 2023 Patch Tuesday Security Updates and revealed 73 CVEs and 22 other non-Microsoft CVEs, one of which is known to be exploited in the wild. The vulnerabilities affect popular platforms such as .Net and Visual Studio, Office SharePoint, Office Excel, Windows GPM, Microsoft ... Read More

The Conflict Between Operational Risk and Security Risk

Let’s talk about operational risk and security risk. In the dynamic world of software development, a persistent tension exists between developers and security professionals when it comes to managing operational risk and security risk. Developers prioritize avoiding code disruptions, leading them to implement measures like version locking and reluctance to ... Read More

Critical PaperCut Vulnerability CVE-2023-27350 Exploited by Threat Actors

In this blog post, we detail PaperCut Vulnerability CVE-2023-27350. On March 8th, PaperCut released new versions that contained security updates and addressed two recently discovered CVEs – CVE-2023-27351 and CVE-2023-27350. Today, we will focus on CVE-2023-27350, which was reported by the Zero Day Initiative (ZDI-23-233). This vulnerability is a critical ... Read More