Sweet Security’s Post

CVE ID : CVE-2024-6744 Published : July 15, 2024, 7:15 a.m. | 17 minutes ago Description : The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands on the remote server. Severity: 9.8 | CRITICAL

It's concerning to see vulnerabilities like this in widely used SSH clients. The move towards non-mathematically linked tokenisation and randomised approaches could indeed provide more robust security against quantum threats. There too many key vulnerabilities and is not slowing down. https://lnkd.in/emj6Riri

Please read Susan Brown ‘s recent vulnerabilities post.

There is a critical security vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE). This issue presents significant risks for organizations using self-managed instances of GitLab. A critical input validation vulnerability (CVE-2024-45409) has been identified in GitLab, allowing attackers to bypass Security Assertion Markup Language (SAML) authentication. With a CVSS v3 score of 10.0, this vulnerability enables threat actors to gain unauthorized access to GitLab instances through specially crafted SAML responses. Affected Systems: GitLab CE/EE versions: - 16.11.10 and prior - 17.0.8, 17.1.8, 17.2.7, 17.3.3 and prior Exploit Details: Attackers can exploit this vulnerability by sending manipulated SAML responses, bypassing authentication systems to access sensitive GitLab environments. Recommended Actions: Immediate updates are necessary to mitigate this risk. It is crucial to patch the affected GitLab installations to the latest versions provided in the security release. Your immediate action is critical in maintaining the security of your GitLab environments. For further details, visit: - https://lnkd.in/ddRMKgyp - https://lnkd.in/dEbHTtWi - https://lnkd.in/dW-Vnewj #threatintel #cti #vulnerability

Critical Vulnerability Alert for the Tech Community: PuTTY SSH Client A recent discovery by researchers at Ruhr University Bochum has unveiled a significant vulnerability in the PuTTY SSH Client, affecting versions 0.68 through 0.80. Dubbed CVE-2024-31497, this flaw could lead to the complete recovery of NIST P-521 private keys, posing a severe threat to data security and integrity. The affected versions may allow attackers, with access to signed messages and the public key, to forge signatures, potentially leading to unauthorized server access. This highlights the urgent need for IT professionals and developers to update to PuTTY 0.81 and apply patches to related software like FileZilla, WinSCP, and TortoiseGit/SVN. This incident underscores the critical importance of regular software updates and vigilant cybersecurity practices in protecting sensitive information and infrastructure. For more detailed analysis and remediation steps, please visit: Read More https://lnkd.in/ecPDeDi8

The XZ Utils Backdoor Case - how could you have swiftly responded to it and other backdoors? Organizations that use SBOM management tools can swiftly respond to this and similar backdoors and vulnerabilities Very practical advice inside Read More >>> https://lnkd.in/dzTvDYVS #SBOM #VulnerabilityManagement #BackDoor #SoftwareSupplyChainSecurity

The C3SA Premium Edition covers a wide range of crucial topics, including: - Web Application Basics & Exploitation - Network Basics & Exploitation - Hosts Basics & Exploitation - Multi-Cloud Basics & Exploitation - Security Operations Center (SOC)

Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.6) – relate to SQL injection flaws that allow an unauthenticated attacker within the same network to

Private Keys Exposed : Critical PuTTY Vulnerability: CVE-2024-31497 https://lnkd.in/d__ffnDB #Cisco #security #firewalls #cybersecurity #putty #networking #networksbaseline #thenetworkdna

Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.6) – relate to SQL injection flaws that allow an unauthenticated attacker within the same network to