Alireza Gharib Blog

Thousands of SonicWall Devices Remain Vulnerable to CVE-2024-40766 In September 2024, a critical vulnerability in SonicWall NSA devices, tracked as CVE-2024-40766, was disclosed. Since then, threat actors Akira and Fog have reportedly exploited this flaw to infiltrat … Read more Published Date: Jan 07, 2025 (7 hours, 37 minutes ago) Vulnerabilities has been mentioned in this article.…

Exploiting Misconfigurations in Argo Workflows for Kubernetes Cluster Takeover Argo Workflows, a widely-used open-source tool for orchestrating workflows in Kubernetes, has become a valuable asset for cloud-native automation. However, recent findings by Yali Mintus, a Cloud Secu … Read more Published Date: Jan 07, 2025 (7 hours, 41 minutes ago) Vulnerabilities has been mentioned in this article.…

CVE-2024-8474: OpenVPN Connect Vulnerability Leaks Private Keys Popular VPN client app, OpenVPN Connect, patched a critical security flaw that could have exposed users’ private keys and decrypted their VPN traffic.A recently disclosured vulnerability (CVE-2024-847 … Read more Published Date: Jan 07, 2025 (7 hours, 47 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-8474 CVE-2023-46850 Go…

Vulnerability Overload: 40,000+ CVEs in 2024 Security researcher Jerry Gamblin has released his annual CVE data review. 2024 saw an unprecedented surge in published Common Vulnerabilities and Exposures (CVEs), reaching a record high of 40,009. T … Read more Published Date: Jan 07, 2025 (7 hours, 50 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-20433…

Windows 11’s TPM 2.0: Free Software Foundation Fights Forced Upgrades and E-Waste The Free Software Foundation (FSF) is fresh off a successful International Day Against DRM (IDAD), held on December 20th, 2024. This year’s focus was on Microsoft’s controversial requirement of a hard … Read more Published Date: Jan 07, 2025 (8 hours, 8 minutes ago) Vulnerabilities…