Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Quotidien Hebdomadaire Mensuel

Quotidien Shaarli

Tous les liens d'un jour sur une page.

Jour précédent
Jour suivant

January 9, 2025

SonicWall urges admins to patch exploitable SSLVPN bug immediately

SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is

16:49
bleepingcomputer, EN, 2024, Authentication-Bypass, Firewall, Security-Advisory, SonicWall, Vulnerability
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit

In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments:

CVE-2024-49112: A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system.
CVE-2024-49113: A denial-of-service (DoS) vulnerability that can be exploited to crash the LDAP service, leading to service disruptions.
In this blog entry, we discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) designed to lure security researchers into downloading and executing information-stealing malware.

16:45
trendmicro, EN, 2025, malware, Stealer, research, LDAPNightmare, fake, PoC, CVE-2024-49113
Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data

Gravy Analytics has been one of the most important companies in the location data industry for years, collating smartphone location data from around the world selling some to the U.S. government. Hackers say they stole a mountain of data.

16:40
404media, EN, 2025, Gravy-Analytics, data-breach, data-broker
Russian ISP confirms Ukrainian hackers "destroyed" its network

Russian internet service provider Nodex confirmed on Tuesday that its network was

16:38
bleepingcomputer, EN, 2024, Breach, Hacktivism, ISP, Nodex, Russia, Ukraine, Ukrainian-Cyber-Alliance
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation

Zero-day exploitation of Ivanti Connect Secure VPN vulnerabilities since as far back as December 2024.

On Wednesday, Jan. 8, 2025, Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. Mandiant has identified zero-day exploitation of CVE-2025-0282 in the wild beginning mid-December 2024. CVE-2025-0282 is an unauthenticated stack-based buffer overflow. Successful exploitation could result in unauthenticated remote code execution, leading to potential downstream compromise of a victim network.

08:50
Mandiant, EN, 2025, CVE-2025-0282, CVE-2025-0283, IoC, exploitation, analysis, postexploitation, Ivanti
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog

On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device.

08:47
rapid7, EN, 2025, CVE-2025-0282, zero-day, Ivanti, CVE-2025-0283, ZTA, gateways