Alireza Gharib Blog

CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software Progress Software Corporation, a global provider of products to develop, deploy, and manage high-impact business applications, has issued a critical security bulletin for its WhatsUp Gold network moni … Read more Published Date: Jan 02, 2025 (8 hours, 34 minutes ago) Vulnerabilities…

From Fake Installers to Stolen Credentials: Decoding the LegionLoader Threat TRAC Labs has released an in-depth report on LegionLoader, a sophisticated downloader malware that has evolved significantly since its initial appearance in 2019. The malware, also tracked as Satacom, … Read more Published Date: Jan 02, 2025 (8 hours, 35 minutes ago) Vulnerabilities has been mentioned in…

D-Link Issues Warning on End-of-Life Routers Vulnerable to Botnet Exploits D-Link has issued a critical advisory urging users to retire and replace several legacy router models, including the DIR-645, DIR-806, GO-RT-AC750, and DIR-845, citing their End-of-Life (EOL) and End- … Read more Published Date: Jan 02, 2025 (8 hours, 48 minutes ago) Vulnerabilities has been mentioned in…

CVE-2024-12987 affecting DrayTek Routers CVE-2024-12987 is a critical security vulnerability identified in the DrayTek Vigor2960 and Vigor300B routers, specifically affecting firmware version 1.5.1.4. This vulnerability resides within the We … Read more Published Date: Jan 01, 2025 (1 day ago) Vulnerabilities has been mentioned in this article. CVE-2024-12987

CVE-2024-21182: PoC Exploit Code Published for Severe WebLogic Flaw A security researcher published a proof-of-concept (PoC) exploit for CVE-2024-21182, a critical vulnerability in Oracle WebLogic Server. Rated at CVSS 7.5, this flaw exposes affected systems to potent … Read more Published Date: Jan 01, 2025 (1 day, 9 hours ago) Vulnerabilities has been mentioned in this article.…

Is Your Network at Risk? New Report Highlights Network File System Vulnerabilities HvS-Consulting GmbH has released an insightful report shedding light on the often-overlooked vulnerabilities of the Network File System (NFS) protocol. Widely used across platforms for remote file acc … Read more Published Date: Jan 01, 2025 (1 day, 9 hours ago) Vulnerabilities has been mentioned…

China’s cyber intrusions took a sinister turn in 2024 The Chinese government’s intrusions into America’s telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructi … Read more Published Date: Dec 31, 2024 (1 day, 22 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-39717…

Securitybedrijf meldt actief misbruik van lek in industriële routers Four-Faith Aanvallers maken actief misbruik van een kwetsbaarheid in industriële routers van fabrikant Four-Faith en het is onduidelijk of er updates beschikbaar zijn om het probleem te verhelpen, zo meldt secur … Read more Published Date: Dec 31, 2024 (1 day, 22 hours ago) Vulnerabilities has been mentioned…

CVE-2024-21182: Oracle WebLogic Server Flaw Exploit Code Released CVE-2024-21182 is a high-severity vulnerability identified in Oracle WebLogic Server. This security flaw affects specific versions of the software, namely Oracle WebLogic Server 12.2.1.4.0 and 14.1.1. … Read more Published Date: Dec 31, 2024 (2 days, 2 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-56512 CVE-2024-3393 CVE-2024-45387…

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents Vulnerability / Incident Response The United States Treasury Department said it suffered a “major cybersecurity incident” that allowed suspected Chinese threat actors to remotely access some computers … Read more Published Date: Dec 31, 2024 (2 days, 4 hours ago) Vulnerabilities has been mentioned…