Alerts

Trellix has released a security update to fix a vulnerability in Trellix Application and Change Control ePO extension “8.3.8.x” and earlier versions. The addressed vulnerability could allow the remote attacker to access the “Inventory” section of the ePO extension and upload a specially crafted GTI reputation file. This flaw is only applicable to on-premises ePO […]

Referring to EG-FinCIRT report ID 36/2023 “LockBit V3.0 Ransomware”, Security researchers detected that LockBit V3.0 ransomware operation has increased its activity recently against Middle Eastern organizations. LockBit v3.0 is a Windows ransomware program written in C programming language. It operates as a ransomware-as-a-service (RaaS) model, meaning it is available for use by different affiliates. The

Mozilla has released an updated Firefox version 120, and Firefox ESR version 115.5 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to obtain sensitive information, perform a denial of service attack, bypass security restrictions, execute arbitrary code, and gain access to the affected system by persuading the victim to visit a

Splunk has released a security update to fix multiple vulnerabilities across several Splunk products. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code, perform cross-site scripting attacks, or gain access to the affected systems. Sample of the addressed vulnerabilities: Splunk Enterprise Code Execution Vulnerability (CVE-2023-46214): CVSS: 8.0 Attack Vector: Network Attack Complexity:

Tenable has released security updates to fix two vulnerabilities across multiple Tenable Nessus versions. The addressed vulnerabilities could allow the remote attacker with administrator privileges to overwrite arbitrary files on the remote host, which could lead to a denial of service condition. Sample of the addressed vulnerabilities: Tenable Nessus Denial of Service Vulnerability (CVE-2023-6062): CVSS:

Cisco has released security updates to fix multiple vulnerabilities across several products. The addressed vulnerabilities could allow the attacker to bypass security, perform cross-site scripting attacks, gain elevated privileges, or trigger denial of services attacks on the affected products. Sample of the addressed vulnerabilities: 1. Cisco Identity Services Engine Security Bypass (CVE-2023-20272): CVSS: 6.7 Attack

Zoom has released security updates to fix several vulnerabilities in multiple products such as Zoom Clients, Zoom Rooms for macOS, Zoom Desktop Client for Windows, and Zoom VDI Client. The addressed vulnerabilities could allow the attacker to obtain sensitive information, trigger denial of service attacks, or gain elevated privileges on the affected system by sending

Google has released an updated Chrome version 119.0.6045.159/.160 for Windows, and 119.0.6045.159 for Mac and Linux to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system or cause the application to crash by persuading a victim to visit a specially crafted web

Intel has released security updates to fix several vulnerabilities across multiple products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, gain elevated privileges, or trigger a denial of services attack on the affected system. Sample of the addressed vulnerabilities: 1. Intel NUC Software Privilege Escalation Vulnerability (CVE-2023-28737): CVSS: 8.8 Attack Vector: Local

TA402, recognized as a Middle Eastern advanced persistent threat (APT) group launched a new series of targeted phishing campaigns that are designed to deliver a new initial access downloader “IronWind” to target government entities in the Middle East. TA402 utilized three variations of the infection chain moving from using Dropbox links to using XLL and

Ivanti has released security updates to fix multiple vulnerabilities in Ivanti Secure Access Client and Ivanti EPMM. The addressed vulnerabilities could allow the attacker to gain access, perform a denial of service attack, and gain elevated privileges on the affected System. Sample of The Addressed Vulnerabilities: 1. Ivanti EPMM Authenticated User Enrolled as Another User

Microsoft has released an updated Microsoft Edge Stable version (119.0.2151.58) and Extended Stable version (118.0.2088.102) to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to gain access, execute arbitrary code, and gain privileges on the affected system. Sample of the addressed vulnerabilities: 1. Microsoft Edge (Chromium-based) Code Execution (CVE-2023-5996): CVSS: 8.8 Attack

SolarWinds has released security updates to fix multiple vulnerabilities in SolarWinds products. The addressed vulnerabilities could allow the attacker to obtain sensitive information or execute arbitrary code with system privileges and gain access to the affected systems. Sample of the addressed vulnerabilities: SolarWinds Network Configuration Manager Directory Traversal Vulnerability (CVE-2023-33226): CVSS: 8 Attack Vector: Adjacent

Trend Micro has released a security update to fix multiple vulnerabilities across Trend Micro Apex One and Apex One as a Service. The addressed vulnerabilities could allow the attacker to escalate privileges on the affected products. Sample of the addressed vulnerabilities: Agent Link Following Local Privilege Escalation Vulnerability (CVE-2023-47192): CVSS: 7.8 Attack Vector: Local Attack