🚨 CISA KEV (1)
12 Nov · KEV · CISA Adds Five Known Exploited Vulnerabilities to Catalog · CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-26086 Atlassian Jira Server and Data Center Path Traversal Vulnerability CVE-2014-2120 Cisco Adaptive Security Appliance (… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (90)
12 Nov · KEV · Microsoft November 2024 Patch Tuesday, (Tue, Nov 12th) · This month, Microsoft is addressing a total of 83 vulnerabilities. Among these, 3 are classified as critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Organizations are encouraged to prioritize these updates to mitigate potentia… · ISC.SANS.EDU
12 Nov · Citrix Releases Security Updates for NetScaler and Citrix Session Recording · Citrix released security updates to address multiple vulnerabilities in NetScaler ADC, NetScaler Gateway, and Citrix Session Recording. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages user… · CISA.GOV
12 Nov · CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities · Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies d… · CISA.GOV
12 Nov · CVE-2024-43530 Windows Update Stack Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43602 Azure CycleCloud Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43623 Windows NT OS Kernel Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43625 Microsoft Windows VMSwitch Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43626 Windows Telephony Service Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43627 Windows Telephony Service Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43628 Windows Telephony Service Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43630 Windows Kernel Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43631 Windows Secure Kernel Mode Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43634 Windows USB Video Class System Driver Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43637 Windows USB Video Class System Driver Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43638 Windows USB Video Class System Driver Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43643 Windows USB Video Class System Driver Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43644 Windows Client-Side Caching Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43645 Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43646 Windows Secure Kernel Mode Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43447 Windows SMBv3 Server Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43449 Windows USB Video Class System Driver Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43451 NTLM Hash Disclosure Spoofing Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43452 Windows Registry Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-38255 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-38264 Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43459 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43462 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-48994 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-48995 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-48996 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-5535 OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread · We are republishing this OpenSSL CVE to document that the latest version of Microsoft Defender for Endpoint has been updated to protect against this OpenSSL library vulnerability. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49042 Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49043 Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49044 Visual Studio Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49046 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49049 Visual Studio Code Remote Extension Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49056 Airlift.microsoft.com Elevation of Privilege Vulnerability · Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43613 Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43620 Windows Telephony Service Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43621 Windows Telephony Service Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43622 Windows Telephony Service Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43629 Windows DWM Core Library Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43633 Windows Hyper-V Denial of Service Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43635 Windows Telephony Service Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43636 Win32k Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43640 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43641 Windows Registry Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43642 Windows SMB Denial of Service Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-38203 Windows Package Library Manager Information Disclosure Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-48993 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-48997 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-48998 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-48999 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49000 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49001 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49002 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49003 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49004 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49005 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49007 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49006 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49008 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49009 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49010 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49011 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49012 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49013 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49014 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49015 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49016 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49017 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49018 SQL Server Native Client Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49019 Active Directory Certificate Services Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49021 Microsoft SQL Server Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49026 Microsoft Excel Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49027 Microsoft Excel Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49028 Microsoft Excel Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49029 Microsoft Excel Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49030 Microsoft Excel Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49031 Microsoft Office Graphics Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49032 Microsoft Office Graphics Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49033 Microsoft Word Security Feature Bypass Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49039 Windows Task Scheduler Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49048 TorchGeo Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49050 Visual Studio Code Python Extension Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-49051 Microsoft PC Manager Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43498 .NET and Visual Studio Remote Code Execution Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43499 .NET and Visual Studio Denial of Service Vulnerability · Information published. · MSRC.MICROSOFT.COM
12 Nov · CVE-2024-43624 Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (13)
12 Nov · Criminals Exploiting FBI Emergency Data Requests · I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too. Turns out the same thing is true for non-technical backdoors: The a… · SCHNEIER.COM
12 Nov · Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution · Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation could allow for remote code execution … · CISECURITY.ORG
12 Nov · Critical Patches Issued for Microsoft Products, November 12, 2024 · Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o… · CISECURITY.ORG
12 Nov · Microsoft Patch Tuesday, November 2024 Edition · Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publ… · KREBSONSECURITY.COM
12 Nov · New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration · Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE). The issue, per findings from watchTowr, is rooted in the Session Recording component that allows sy… · THEHACKERNEWS.COM
12 Nov · New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks · Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enha… · THEHACKERNEWS.COM
12 Nov · Fortinet Releases Security Updates for Multiple Products · Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advi… · CISA.GOV
12 Nov · Microsoft Releases November 2024 Security Updates · Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary update… · CISA.GOV
12 Nov · Adobe Releases Security Updates for Multiple Products · Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bu… · CISA.GOV
12 Nov · CISA Releases Five Industrial Control Systems Advisories · CISA released five Industrial Control Systems (ICS) advisories on November 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-317-01 Subnet Solutions PowerSYSTEM Center ICSA-24-317-02 Hitachi… · CISA.GOV
12 Nov · [FREE RESOURCE KIT] Stay Cyber Safe this Holiday Season with Our Free 2024 Resource Kit! · Isn’t it typical for bad actors to strike when we’re distracted and busy during this time of year? · KNOWBE4.COM
12 Nov · Winter Fuel Payment scam targets UK citizens via SMS · Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. Read more in my article on the Tripwire State of Security blog. · TRIPWIRE.COM
12 Nov · Toward greater transparency: Publishing machine-readable CSAF files · Welcome to the third installment in our series on transparency at the Microsoft Security Response Center (MSRC). In this ongoing discussion, we talk about our commitment to providing comprehensive vulnerability information to our customers. At MSRC, our mission is to protect our … · MSRC.MICROSOFT.COM
📋 SECURITY BULLETINS (2)
12 Nov · Ivanti Releases Security Updates for Multiple Products · Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client. CISA encourages users and administrators to review the following Ivanti security advisor… · CISA.GOV
12 Nov · ADV240001 Microsoft SharePoint Server Defense in Depth Update · Microsoft has released a security update for Microsoft SharePoint Server. The update provides a defense in depth enhancement regarding redirections. · MSRC.MICROSOFT.COM
📢 SECURITY ADVISORIES (1)
12 Nov · JCDC’s Collaborative Efforts Enhance Cybersecurity for the 2024 Olympic and Paralympic Games · The Cybersecurity and Infrastructure Security Agency (CISA), through the Joint Cyber Defense Collaborative (JCDC), enabled proactive coordination and information sharing to bolster cybersecurity ahead of the 2024 Olympic and Paralympic Games in Paris. Recognizing the potential fo… · CISA.GOV
🔥 INCIDENT REPORTING (2)
12 Nov · 5 Ways Behavioral Analytics is Revolutionizing Incident Response · Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leve… · THEHACKERNEWS.COM
🕵️ THREAT INTELLIGENCE (9)
12 Nov · New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns · Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D' Luffy) on the Runion forum earlier … · THEHACKERNEWS.COM
12 Nov · North Korean Hackers Target macOS Using Flutter-Embedded Malware · Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which m… · THEHACKERNEWS.COM
12 Nov · ISC Stormcast For Tuesday, November 12th, 2024 https://isc.sans.edu/podcastdetail/9218, (Tue, Nov 12th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
12 Nov · Nation-State Threat Actors Rely on Social Engineering First · A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique. · KNOWBE4.COM
12 Nov · Step-by-Step To Creating Your First Realistic Deepfake Video in a Few Minutes · Learn step by step how to create your first realistic deepfake video in a few minutes. · KNOWBE4.COM
12 Nov · CyberheistNews Vol 14 #46 [Eye Opener] Attackers Don't Hack, They Log In. Can You Stop Them? · KNOWBE4.COM
12 Nov · GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity · Augmented reality use cases have become prevalent in our society. The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly … · LASTWATCHDOG.COM
12 Nov · 6 Principles of Operational Technology Cybersecurity released by joint NSA initiative · Today’s critical infrastructure organizations rely on operational technology (OT) to help control and manage the systems and processes required to keep critical services to the public running. However, due to the highly integrated nature of OT deployments, cybersecurity has… · SECURITYINTELLIGENCE.COM
12 Nov · Exceptional User Experience — Every Application, Every Transaction · Palo Alto Networks ADEM empowers IT teams and optimizes productivity with visibility into users, branch sites, apps and IT infrastructure. · PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE (1)
🎙️ PODCASTS (1)
12 Nov · The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence? · In episode 24 of The AI Fix, Mark makes an unforgivable error about the Terminator franchise, our hosts wonder if a "seductive" government chatbot will make it easier to talk about tax, a radio station abandons its three month AI experiment after a week, and OpenAI parks its tank… · GRAHAMCLULEY.COM
📡 INFOSEC NEWS (4)
12 Nov · Snowflake hackers identified and charged with stealing 50 billion AT&T records · The U.S. Department of Justice indicted two hackers for breaking into the systems of AT&T and several other companies. · TECHCRUNCH.COM
12 Nov · U.S. May Support Global Surveillance Treaty Hated by Everyone but Authoritarian Governments · PACKETSTORMSECURITY.COM
12 Nov · How to save web pages permanently or find content from deleted sites | Kaspersky official blog · All about tools for archiving websites and searching web page archives. · KASPERSKY.COM
12 Nov · Beats by bot: The AI remix revolution · Artificial intelligence is reshaping the music landscape, turning listeners into creators and sparking new debates over creativity, copyright, and the future of music · WELIVESECURITY.COM