ScreenConnect Authentication Bypass demo

ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708)

Uncover critical security flaws in ConnectWise ScreenConnect (CVE-2024-1709 & CVE-2024-1708) posing remote code execution risks. Actively exploited in the wild. The post ScreenConnect Authentication Bypass (CVE-2024-1709 & CVE-2024-1708) appeared first on Indusface ...

Critical PixieFail Vulnerabilities Lead to RCE and DoS Attacks

A set of critical security vulnerabilities has been found in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification. Named PixieFail by Quarkslab, ...

GitHub Vulnerability: Key Rotation Amid High-Severity Threat

In recent developments, GitHub, a Microsoft-owned subsidiary, has taken proactive measures to address a security vulnerability potentially exposing credentials within production containers. In this article, we’ll analyze the GitHub vulnerability incident, shedding ...
Microsoft AI cybersecurity

Protect AI Report Surfaces MLflow Security Vulnerabilities

Protect AI identified RCE vulnerabilities in the MLflow life cycle management tool that can be used to compromise AI models ...
Security Boulevard
XML RPC Detection

What is XML-RPC? Benefits, Security Risks, and Detection Techniques

vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks The post What is XML-RPC? Benefits, Security Risks, ...

Securing Networks: Addressing pfSense Vulnerabilities

In recent findings by Sonar, critical security vulnerabilities have emerged within the widely-used open-source Netgate pfSense firewall solution, potentially exposing susceptible appliances to unauthorized command execution. These pfSense vulnerabilities, comprising two reflected ...
managed detection and response, Apache ActiveMQ, vulnerability, Aqua Cham, threat, elGang APT Meltdown Spectre Threat Detection

Apache ActiveMQ Vulnerability: The Threat That Cannot Be Ignored

Apache ActiveMQ vulnerability, known as CVE-2023-46604, is a remote code execution (RCE) flaw rated at a critical 10.0 on the CVSS v3 scale ...
Security Boulevard

Code Execution Update: Improve WordPress Security

In the ever-evolving landscape of digital security, WordPress has recently released a critical code execution update, version 6.4.2, addressing a potential threat that could jeopardize the integrity of vulnerable sites. This update, ...

CACTUS Qlik Ransomware: Vulnerabilities Exploited

A cyberattack campaign dubbed the CACTUS Qlik Ransomware has become prominent in ransomware attacks on BI systems. Researchers have warned of threat actors exploiting three Qlik security vulnerabilities to target different organizations ...
SonicWall WXA – Authentication Bypass and Remote Code Execution Vulnerability

SonicWall WXA – Authentication Bypass and Remote Code Execution Vulnerability

Overview In an effort to safeguard our customers, we perform proactive vulnerability research with the goal of identifying zero-day vulnerabilities that are likely to impact the security of leading organizations. Recently, we ...