SOCRadar® Cyber Intelligence Inc. | CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update Brings 441 New Security Patches
Apr 17, 2024
CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update ...

CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update Brings 441 New Security Patches Oracle has released its Critical Patch Update advisory for April 2024, which addresses vulnerabili...

Learn More
SOCRadar® Cyber Intelligence Inc. | Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security
Apr 17, 2024
Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in...

Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security Recent events have brought to light critical issues related to cybersecurity threats and social engineering ...

Learn More
SOCRadar® Cyber Intelligence Inc. | Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities (CVE-2024-24996, CVE-2024-29204…)
Apr 17, 2024
Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities...

Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities (CVE-2024-24996, CVE-2024-29204…) Ivanti has recently issued security updates to address multiple vulnerabilities in Avalanche. T...

Learn More
SOCRadar® Cyber Intelligence Inc. | Major Cyber Attacks in Review: March 2024
Apr 16, 2024
Major Cyber Attacks in Review: March 2024

Major Cyber Attacks in Review: March 2024 March 2024 witnessed a wave of cyber attacks targeting prominent organizations globally. From telecommunications giants to government pension funds, several h...

Learn More
SOCRadar® Cyber Intelligence Inc. | Cyber Reflections of Iran's Attack on Israel
Apr 15, 2024
Cyber Reflections of Iran's Attack on Israel

Cyber Reflections of Iran’s Attack on Israel [Update] April 22, 2024: “Israeli Hackers Strike Back: Cyber Av3ngers Hacked” [Update] April 17, 2024: “Ongoing Hacktivist Activities” On Saturday and earl...

Learn More
SOCRadar® Cyber Intelligence Inc. | Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757)
Apr 15, 2024
Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Comm...

Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757) The PHP development team recently announced security up...

Learn More
SOCRadar® Cyber Intelligence Inc. | Critical OS Command Injection Vulnerability in Palo Alto's GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet.
Apr 12, 2024
Critical OS Command Injection Vulnerability in Palo Alto's GlobalProte...

Critical OS Command Injection Vulnerability in Palo Alto’s GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet. [Update] April 17, 2024: “PoC Exploit Available for CVE-2024-3400: Rese...

Learn More
SOCRadar® Cyber Intelligence Inc. | Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, Including 2 Zero-Day Vulnerabilities
Apr 10, 2024
Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, Inc...

Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, including 2 Zero-Day Vulnerabilities Microsoft’s April 2024 Patch Tuesday was a substantial release addressing a total of 149 securit...

Learn More
SOCRadar® Cyber Intelligence Inc. | Ivanti Connect Secure and Policy Secure Gateways Vulnerable to DoS and Code Execution (CVE-2024-21894)
Apr 04, 2024
Ivanti Connect Secure and Policy Secure Gateways Vulnerable to DoS and...

Ivanti Connect Secure and Policy Secure Gateways Vulnerable to DoS and Code Execution (CVE-2024-21894) Ivanti recently released patches to fix multiple vulnerabilities found in their popular Connect S...

Learn More
SOCRadar® Cyber Intelligence Inc. | Google's Response to Pixel Zero-Days: CVE-2024-29745, CVE-2024-29748; Chrome V8 Zero-Day, CVE-2024-3159
Apr 04, 2024
Google's Response to Pixel Zero-Days: CVE-2024-29745, CVE-2024-29748; ...

Google’s Response to Pixel Zero-Days: CVE-2024-29745, CVE-2024-29748; Chrome V8 Zero-Day, CVE-2024-3159 [Update] April 5, 2024: “CISA Urges Immediate Action on Pixel Zero-Day Vulnerabilities”  Google ...

Learn More
SOCRadar® Cyber Intelligence Inc. | Critical OS Command Injection Flaw in Progress Flowmon: CVE-2024-2389
Apr 03, 2024
Critical OS Command Injection Flaw in Progress Flowmon: CVE-2024-2389

Critical OS Command Injection Flaw in Progress Flowmon: CVE-2024-2389 [Update] April 25, 2024: “PoC Exploit Code is Available for CVE-2024-2389 in Flowman” Progress disclosed a highly critical vulnera...

Learn More
SOCRadar® Cyber Intelligence Inc. | What Do You Need to Know About the Linux XZ Utils Vulnerability, CVE-2024-3094?
Apr 01, 2024
What Do You Need to Know About the Linux XZ Utils Vulnerability, CVE-2...

What Do You Need to Know About the Linux XZ Utils Vulnerability, CVE-2024-3094? A researcher has identified a critical vulnerability in Linux’s XZ Utils, a command line tool for XZ format compression....

Learn More
SOCRadar® Cyber Intelligence Inc. | Cisco Fixes Numerous DoS Vulnerabilities in IOS, IOS XE, and Access Point Software
Mar 29, 2024
Cisco Fixes Numerous DoS Vulnerabilities in IOS, IOS XE, and Access Po...

Cisco Fixes Numerous DoS Vulnerabilities in IOS, IOS XE, and Access Point Software Cisco recently addressed multiple Denial-of-Service (DoS) vulnerabilities across its product range, including Cisco I...

Learn More
SOCRadar® Cyber Intelligence Inc. | High-Severity Vulnerability in Popular WordPress Plugin ‘File Manager’ Could Lead to CSRF Attacks (CVE-2024-1538)
Mar 27, 2024
High-Severity Vulnerability in Popular WordPress Plugin ‘File Manager’...

High-Severity Vulnerability in Popular WordPress Plugin ‘File Manager’ Could Lead to CSRF Attacks (CVE-2024-1538) A high-severity security vulnerability, identified as CVE-2024-1538, has recently come...

Learn More
SOCRadar® Cyber Intelligence Inc. | OpenVPN Fixed Multiple Vulnerabilities on Windows Version: Risk of Privilege Escalation, Remote Access
Mar 25, 2024
OpenVPN Fixed Multiple Vulnerabilities on Windows Version: Risk of Pri...

OpenVPN Fixed Multiple Vulnerabilities on Windows Version: Risk of Privilege Escalation, Remote Access OpenVPN, with the release of a new version, addressed severe security vulnerabilities, specifical...

Learn More
SOCRadar® Cyber Intelligence Inc. | Critical SQL Injection Vulnerability in PgJDBC Affects Atlassian Bamboo Data Center and Server (CVE-2024-1597)
Mar 22, 2024
Critical SQL Injection Vulnerability in PgJDBC Affects Atlassian Bambo...

Critical SQL Injection Vulnerability in PgJDBC Affects Atlassian Bamboo Data Center and Server (CVE-2024-1597) Atlassian recently patched a critical vulnerability and 24 high-severity vulnerabilities,...

Learn More
SOCRadar® Cyber Intelligence Inc. | Critical RCEs: Ivanti Standalone Sentry (CVE-2023-41724), Neurons for ITSM (CVE-2023-46808), Telerik Report Server (CVE-2024-1800)
Mar 21, 2024
Critical RCEs: Ivanti Standalone Sentry (CVE-2023-41724), Neurons for ...

Critical RCEs: Ivanti Standalone Sentry (CVE-2023-41724), Neurons for ITSM (CVE-2023-46808), Telerik Report Server (CVE-2024-1800) [Update] March 22, 2024: “CISA Warns for the Vulnerabilities in Ivant...

Learn More
SOCRadar® Cyber Intelligence Inc. | Critical RCE Vulnerability in Fortra FileCatalyst Workflow Threatens File Transfer Security (CVE-2024-25153)
Mar 15, 2024
Critical RCE Vulnerability in Fortra FileCatalyst Workflow Threatens F...

Critical RCE Vulnerability in Fortra FileCatalyst Workflow Threatens File Transfer Security (CVE-2024-25153) Fortra FileCatalyst Workflow, a trusted enterprise file transfer solution, is under severe ...

Learn More
SOCRadar® Cyber Intelligence Inc. | Critical Update for Spring Framework: CVE-2024-22259 Exposes Applications to Open Redirect, SSRF Attacks
Mar 15, 2024
Critical Update for Spring Framework: CVE-2024-22259 Exposes Applicati...

Critical Update for Spring Framework: CVE-2024-22259 Exposes Applications to Open Redirect, SSRF Attacks Spring Framework faces a critical security challenge with the emergence of CVE-2024-22259. This...

Learn More
SOCRadar® Cyber Intelligence Inc. | Windows SmartScreen Vulnerability Exploited in DarkGate Malware Attacks, Patch CVE-2024-21412 Now
Mar 14, 2024
Windows SmartScreen Vulnerability Exploited in DarkGate Malware Attack...

Windows SmartScreen Vulnerability Exploited in DarkGate Malware Attacks, Patch CVE-2024-21412 Now [Update] July 25, 2024: “Information Stealer Campaign Exploits the Windows SmartScreen Vulnerabi...

Learn More