LR pixel

Aviatrix Controllers OS Command Injection Vulnerability

What is the Vulnerability?Aviatrix Controllers contain an OS command injection vulnerability that could allow an unauthenticated attacker to execute arbitrary code. The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, has...

Rsync File Synchronization Tool Vulnerabilities

What are the Vulnerabilities?Six security vulnerabilities have been disclosed in the popular Rsync tool, an open-source file synchronization and data transferring tool utilized for its ability to perform incremental transfers, reducing data transfer times and...

Ivanti Connect Secure Zero-Day Vulnerability

What are the Vulnerabilities?Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. CVE-2025-0282 is an unauthenticated stack-based buffer overflow affecting Ivanti Connect Secure, Policy Secure,...

EC2 Grouper Attack

What is the Attack?FortiGuard Labs Threat Team has observed recent attacks by a Threat Actor dubbed “EC2 Grouper” that leverages AWS tools for PowerShell to carry out cloud-based attacks. It leverages APIs to inventory EC2 types and available regions...

PAN-OS Firewall Denial of Service (DoS) Vulnerability

What is the Vulnerability?Attackers are exploiting, a Denial-of-Service vulnerability (CVE-2024-3393) in the DNS Security feature of Palo Alto Networks PAN-OS. This vulnerability allows an unauthenticated attacker to send a malicious packet through the data plane of...