Talos Takes: 2025's ransomware trends and zombie vulnerabilities

Join Amy and Pierre Cadieux as they unpack the ransomware and vulnerability trends that defined 2025. From the persistent ransomware threats targeting the manufacturing sector to the rise of stealthy living-off-the-land tactics, we break down what these shifts mean for your defense strategy. Why...

CVE-2021-22014

The vCenter Server contains an authenticated code execution vulnerability in VAMI Virtual Appliance Management Infrastructure. An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter...

EUVD-2010-2671

Malware in sbrugna...

EUVD-2024-19042

Malicious code in bioql PyPI...

EUVD-2024-19046

Malicious code in bioql PyPI...

EUVD-2022-36683

Malicious code in bioql PyPI...

EUVD-2022-33558

Malicious code in bioql PyPI...

EUVD-2023-40027

Malicious code in bioql PyPI...

Security Updates for Microsoft Open Management Infrastructure (March 2024)

The version of Open Management Infrastructure on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure (OMI) extensions for managing virtual machines in Azure allows attackers to escalate their privileges due to lack of access control mechanisms.

The vulnerability of the enterprise management server through the Internet-based Open Management Infrastructure OMI extensions for managing virtual machines in Azure is related to deficiencies in access control. Exploitation of this vulnerability could allow attackers to increase their privileges...

The vulnerability of the enterprise management server through the Internet Open Management Infrastructure (OMI) relates to the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the enterprise management server through the Internet Open Management Infrastructure OMI is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted requests...

Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft

For the second month in 2024, there are no actively exploited vulnerabilities included in this months security update from Microsoft. Marchs Patch Tuesday is relatively light, containing 60 vulnerabilities -- only two labeled "critical." Last months Patch Tuesday included more than 70 security...

CVE-2024-21330

Open Management Infrastructure OMI Elevation of Privilege Vulnerability...

CVE-2024-21330

Open Management Infrastructure OMI Elevation of Privilege Vulnerability...

CVE-2024-21334

Open Management Infrastructure OMI Remote Code Execution Vulnerability...

CVE-2024-21334

Open Management Infrastructure OMI Remote Code Execution Vulnerability...

CVE-2024-21334 Open Management Infrastructure (OMI) Remote Code Execution Vulnerability

...

CVE-2024-21334

CVE-2024-21334 is an Open Management Infrastructure (OMI) remote code execution vulnerability affecting Microsoft System Center Operations Manager (SCOM) environments that use OMI. Public sources indicate OMI under SCOM versions 2019 and 2022 can be exploited remotely via unauthenticated requests...

CVE-2024-21330 Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

...

Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

...