Annie - RH-ISAC - Page 18 of 35 Blog

An international law enforcement operation led by Britain’s National Crime Agency and the United States Federal Bureau of Investigations has arrested and indicted two members of the LockBit ransomware gang and seized significant portions of its internal infrastructure. Several components of LockBit services are still operational, including its data sharing component, which publishes data of victims who fail to pay. Community…

Context On February 13, 2024, Microsoft acknowledged an actively exploited critical security flaw in Exchange Server, identified as CVE-2024-21410 with a CVSS score of 9.8. The vulnerability involves privilege escalation impacting Exchange Server, allowing attackers to further exploit NT (New Technology) LAN Manager (NTLM) credentials-leaking vulnerabilities in Outlook. The leaked credentials can be relayed against the Exchange server to gain higher privileges and…

Context Security Researchers from Check Point have released a public report, Raspberry Robin Keeps Riding the Wave of Endless 1-Days, detailing new intelligence and technical analysis of the threat actor known as Raspberry Robin. Key findings from the report include the usage of two new 1-day Local Privilege Escalation (LPE) exploits by Raspberry Robin before public…

Context Fortinet has disclosed a critical security flaw, CVE-2024-21762, in its FortiOS Secure Sockets Layer (SSL) VPN, with a CVSS score of 9.6, indicating a high severity flaw. The vulnerability allows remote unauthenticated attackers to execute arbitrary code or commands through specially crafted HTTP requests. Fortinet acknowledges that the flaw is likely being exploited in the wild, although specific details…

Context Ivanti has disclosed the discovery of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. This comes after the recent publication of CISA Alert: Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways. Community Threat Assessment Due to the confirmed…