Microsoft Warns of Critical Exchange Server Flaw Under Active Exploitation

Context On February 13, 2024, Microsoft acknowledged an actively exploited critical security flaw in Exchange Server, identified as CVE-2024-21410 with a CVSS score of 9.8. The vulnerability involves privilege escalation impacting Exchange Server, allowing attackers to further exploit NT (New Technology) LAN Manager (NTLM) credentials-leaking vulnerabilities in Outlook. The leaked credentials can be relayed against the Exchange server to gain higher privileges and…

Read More

Check Point Researchers Report New Raspberry Robin Use of 1-Day LPE Exploits

Context Security Researchers from Check Point have released a public report, Raspberry Robin Keeps Riding the Wave of Endless 1-Days, detailing new intelligence and technical analysis of the threat actor known as Raspberry Robin. Key findings from the report include the usage of two new 1-day Local Privilege Escalation (LPE) exploits by Raspberry Robin before public…

Read More

Fortinet Warns of Critical VPN Flaw Likely Under Active Exploitation

Context Fortinet has disclosed a critical security flaw, CVE-2024-21762, in its FortiOS Secure Sockets Layer (SSL) VPN, with a CVSS score of 9.6, indicating a high severity flaw. The vulnerability allows remote unauthenticated attackers to execute arbitrary code or commands through specially crafted HTTP requests. Fortinet acknowledges that the flaw is likely being exploited in the wild, although specific details…

Read More

Ivanti Discloses Two New Zero-Day Flaws, One Under Active Exploitation

Context Ivanti has disclosed the discovery of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. This comes after the recent publication of CISA Alert: Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways. Community Threat Assessment Due to the confirmed…

Read More

GitHub Rotates Keys After High-Severity Credential-Exposing Vulnerability Discovered

Context Representatives from GitHub Security has announced the rotation of private keys potentially exposed by a newly discovered vulnerability, which was previously patched in December of 2023, that could let attackers access credentials within private production containers via environment variables. The rotated keys include the GitHub commit signing key as well as GitHub Actions, GitHub Codespaces, and…

Read More