5 matches found
Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware
Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...
Exploit for CVE-2024-24576
PoC exploit for CVE-2024-24576, a vulnerability in a specific pr...
Update now! JetBrains TeamCity vulnerability abused at scale
JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTPS access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server...
Let’s Encrypt to revoke “mis-issued” certificates
If you use a Let’s Encrypt SSL/TLS certificate, you may wish to check your account over the coming days. Revocation is coming, and you’ve only got until tomorrow to figure things out. What’s the deal with free certificates? If you’re running a website, you want to make sure that it’s HTTPs. It...
Microsoft Patch Tuesday, May 2018 Edition
Microsoft today released a bundle of security updates to fix at least 67 holes in its various Windows operating systems and related software, including one dangerous flaw that Microsoft warns is actively being exploited. Meanwhile, as it usually does on Microsoft's Patch Tuesday -- the second...