A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). […] Read More
BleepingComputer
The all in one place for non-profit security aid.
A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). […] Read More
BleepingComputer
PAN-OS Access Management RCE Vulnerability, 11k+ Interface IPs Exposed
Palo Alto Networks has issued a critical security advisory regarding a potential remote code execution (RCE) vulnerability affecting the PAN-OS management interface of their next-generation firewalls.
The advisory, released on November 8, 2024, warns customers to restrict access to their firewall management interfaces due to this unconfirmed security threat.
While specific details about the vulnerability are still under investigation, Palo Alto Networks has emphasized that they actively monitor for signs of exploitation. At present, no active exploitation has been detected.
However, the company strongly recommends that customers ensure their management interface access is configured correctly, following best practice deployment guidelines.
How to Maximize Cybersecurity Program ROI -> Free Webinar
Shadowserver has conducted scans to identify exposed PAN-OS management interfaces. Alarmingly, approximately 11,000 IP addresses with exposed management interfaces have been discovered.
Palo Alto published an advisory on 2024-10-08 warning of a claim of an RCE via the PAN-OS management interface. While no exploitation activity has yet been observed, we added fingerprinting for exposed PAN-OS mgmt interfaces in our Device ID report.
We see around 11K IPs exposed pic.twitter.com/aI2TZbSxSc
— The Shadowserver Foundation (@Shadowserver) November 11, 2024
This significant number of potentially vulnerable systems underscores the urgency of implementing proper security measures.
Palo Alto Networks advises customers to limit access to the management interface to trusted internal IP addresses only and not expose it to the internet. The company believes that Prisma Access and cloud NGFW are unaffected by this potential vulnerability.
To mitigate the risk, administrators are encouraged to take several precautionary measures:
Customers using Cortex Xpanse and Cortex XSIAM with the ASM module can investigate internet-exposed instances by reviewing alerts generated by the Palo Alto Networks Firewall Admin Login attack surface rule.
Run private, Real-time Malware Analysis in both Windows & Linux VMs. Get a 14-day free trial with ANY.RUN!
The post PAN-OS Access Management RCE Vulnerability, 11k+ Interface IPs Exposed appeared first on Cyber Security News.
“The Skinny on American Intelligence & the Law” – with D.C. “Super Lawyer” Mark Zaid
Mark Zaid joins Andrew Hammond to discuss American intelligence and the law. You’ve heard of a “lawyer to the stars,” Mark is the “lawyer to the spies.” Read More
The CyberWire
Multiple Adobe Security Vulnerabilities Let Attackers Execute Arbitrary Code Remotely
[[{“value”:”
A product security incident response team (PSIRT) manages a vulnerability disclosure program by acting as a single point of contact for external reporters, including customers, partners, penetration testers, and security researchers.
They provide a standardized process for reporting security vulnerabilities found in the organization’s products and services. They prioritize private disclosure conducted in a way that minimizes risk to user data, the organization’s infrastructure, and its reputation.
Security updates are available for Adobe Experience Manager (AEM) to address critical vulnerabilities that attackers could exploit to execute arbitrary code or bypass security features, as all versions of AEM Cloud Service (CS) and AEM 6.5.19.0 and earlier are affected.
To mitigate the risks, administrators are recommended to update AEM to either AEM Cloud Service Release 2024.03 or AEM 6.5 Service Pack 20.0, both of which address the identified vulnerabilities.
The security updates have been released to address critical vulnerabilities in Adobe Premiere Pro for Windows and macOS that could be exploited to execute arbitrary code on an affected system.
Versions 24.1 and earlier on Windows and macOS, as well as 23.6.2 and earlier on both platforms, are vulnerable. The Creative Cloud desktop app recommends updating to version 24.2.1 (Windows/macOS) or 23.6.4 (Windows/macOS).
Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free
Adobe released security updates to address a critical vulnerability in ColdFusion versions 2023 and 2021, which could be exploited to read arbitrary file systems.
All ColdFusion 2023 versions before Update 6 and all ColdFusion 2021 versions before Update 12 are affected.
It advises updating ColdFusion to Update 7 for 2023 and Update 13 for 2021 to reduce the risk, which Adobe has ranked as priority 3.
Adobe Bridge versions 13.0.5 and earlier and 14.0.1 and earlier on Windows and macOS also include a security update to address critical and important vulnerabilities.
Attackers could exploit the vulnerabilities to execute arbitrary code on a victim’s machine or cause a memory leak. Therefore, it is recommended that you update to versions 13.0.6 or 14.0.2 through the Creative Cloud desktop app.
Adobe also released a security update to address a critical vulnerability (CVE-2024-20754) in Adobe Lightroom for macOS versions 7.1.2 and earlier, where an attacker could use the untrusted search path vulnerability to execute arbitrary code on a victim’s computer, potentially taking complete control of the system.
To address critical vulnerabilities in Adobe Animate versions 23.0.3 and earlier, a security update has been released for Windows and macOS, and 24.0 and earlier for Windows and macOS.
Attackers might take advantage of the flaws to run arbitrary code or cause memory leaks on a target system, so updating to the latest versions (23.0.4 for 2023 and 24.0.1 for 2024) via the Creative Cloud desktop app or the Download Center has been recommended.
Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.
The post Multiple Adobe Security Vulnerabilities Let Attackers Execute Arbitrary Code Remotely appeared first on Cyber Security News.
“}]] Read More
Cyber Security News