Alerts

TA402, recognized as a Middle Eastern advanced persistent threat (APT) group launched a new series of targeted phishing campaigns that are designed to deliver a new initial access downloader “IronWind” to target government entities in the Middle East. TA402 utilized three variations of the infection chain moving from using Dropbox links to using XLL and

Ivanti has released security updates to fix multiple vulnerabilities in Ivanti Secure Access Client and Ivanti EPMM. The addressed vulnerabilities could allow the attacker to gain access, perform a denial of service attack, and gain elevated privileges on the affected System. Sample of The Addressed Vulnerabilities: 1. Ivanti EPMM Authenticated User Enrolled as Another User

Microsoft has released an updated Microsoft Edge Stable version (119.0.2151.58) and Extended Stable version (118.0.2088.102) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to gain access, execute arbitrary code, and gain privileges on the affected system. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based) Code Execution (CVE-2023-5996): CVSS: 8.8 Attack

SolarWinds has released security updates to fix multiple vulnerabilities in SolarWinds products. The addressed vulnerabilities could allow the attacker to obtain sensitive information or execute arbitrary code with system privileges and gain access to the affected systems. Sample of the addressed vulnerabilities: SolarWinds Network Configuration Manager Directory Traversal Vulnerability (CVE-2023-33226): CVSS: 8 Attack Vector: Adjacent

Trend Micro has released a security update to fix multiple vulnerabilities across Trend Micro Apex One and Apex One as a Service. The addressed vulnerabilities could allow the attacker to escalate privileges on the affected products. Sample of the addressed vulnerabilities: Agent Link Following Local Privilege Escalation Vulnerability (CVE-2023-47192): CVSS: 7.8 Attack Vector: Local Attack

Google has released an updated Chrome version 119.0.6045.123/.124 for Windows, and 119.0.6045.123 for Mac and Linux to fix a vulnerability. The addressed vulnerability could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Google Chrome Code Execution Vulnerability (CVE-2023-5996):

Tenable has released security updates to fix multiple vulnerabilities in several third-party components (curl, OpenSSL, zlib) affecting multiple tenable products. The addressed vulnerabilities could allow the attacker to execute arbitrary code, conduct denial of service attacks, bypass security restrictions, or gain elevated privileges to the affected system by loading a specially crafted file during installation

VMware has released a security update to address a vulnerability affecting several versions of VMware Workspace ONE UEM. The addressed vulnerability could allow the remote attacker to conduct phishing attacks by redirecting the victim to arbitrary websites to retrieve the SAML response to login as the victim user. VMware Workspace ONE UEM Open Redirect Vulnerability

Google has released an updated Chrome version (119.0.6045.105/.106) for Windows, and (119.0.6045.105) for Mac and Linux to fix several vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the

Microsoft has released an updated Microsoft Edge stable version (118.0.2088.76) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, conduct spoofing attacks, execute arbitrary code, and gain access to the affected system by persuading the victim to open a specially crafted Adobe PDF file. Sample of the addressed

VMware has released security updates to address vulnerabilities affecting VMware Tools version 12.x.x, 11.x.x, 10.3.x macOS and Windows. The addressed vulnerabilities could allow the attacker to gain elevated privileges on the affected systems. Sample of the addressed vulnerabilities: VMware Tools Privilege Escalation (CVE-2023-34057): CVSS: 7.8 Attack Vector: Local Attack Complexity: Low Privileges Required: Low User

Aruba has released a security update to address multiple vulnerabilities across ClearPass Policy Manager. The addressed vulnerabilities could allow the attacker to gain elevated privilege, manipulate data, conduct phishing attacks, execute arbitrary commands, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Aruba Networks ClearPass Policy Manager Privilege Escalation Vulnerability (CVE-2023-43506):