TheCyberThrone Security Week In Review – April 20, 2024

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, April 13 & 20, 2024

Fortinet Patches several Vulnerabilities Affecting its Products

Fortinet has released a security advisory and patches addressing several critical and high-severity vulnerabilities in their popular security products. These vulnerabilities could expose organizations to remote code execution, unauthorized file deletion, OS command injection, and sensitive data leaks. Affected products include FortiClient (Linux and macOS), Forti Sandbox, FortiOS, and FortiProxy.

Ivanti Vulnerability is Wide Spread – CVE-2024-21894

A recently patched Ivanti high-severity heap overflow vulnerability, tracked as CVE-2024-21894, could impact nearly 16,500 internet-exposed Ivanti Connect Secure, and Poly Secure VPN gateways.

The maximum number of vulnerable Ivanti endpoints worldwide is at the U.S., with 4,700, followed by Japan, the UK, Germany, and France, according to a Shadowserver search. Significant exposure was also determined in China, the Netherlands, Spain, Canada, and India.

VMWare addressed Several Vulnerabilities in SD-WAN

VMware has released critical security patches to address multiple vulnerabilities in its SD-WAN solution. These vulnerabilities, if left unpatched, could present significant risks to organizations relying on VMware SD-WAN for managing their network connections.

The first vulnerability is tracked as CVE-2024-22246 with a CVSS score of 7.4. The second vulnerability is tracked as CVE-2024-22247 with a CVSS score of 4.8. The third vulnerability is tracked as CVE-2024-22248 with a CVSS score of 7.1

SUBSCRIBE TO OUR BLOG TODAY !

We understand the importance of staying on top of the latest threats and vulnerabilities that can harm your digital life. You’ll receive the latest cybersecurity news, insights, resources, offers and analysis straight to your inbox every day

HashiCorp Critical Vulnerability – CVE-2024-3817

HashiCorp has issued an urgent security advisory regarding a critical vulnerability within its widely used go-getter library that could allow attackers to inject malicious code during Git operations, potentially leading to the compromise of systems using the affected library.

The vulnerability tracked as CVE-2024-3817 with a CVSS score 9.8 stems from how go-getter handles Git URLs. When fetching the default branch of a remote Git repository, go-getter may execute the Git command with user-controllable arguments. This opens the possibility for attackers to inject malicious code into the Git command, potentially allowing them to gain remote control of affected systems.

U.S. CISA Warning on Sisense breach

The U.S. CISA had urged the customers to reset the login credentials in response to a recent data breach at Sisense, a provider of data analytics services. Sisense’s AI and ML driven analytics platform is used for data collection and analysis by various industries, including healthcare, technology, manufacturing, and finance.

Change Healthcare again Victimized

Change Healthcare, a subsidiary of UnitedHealth Group, has been facing renewed extortion from cybercriminals just a month after paying a ransom to prevent the release of data stolen in a February 2024 ransomware attack.

BlackCat group disrupted healthcare operations across the US, compromising over 4TB of sensitive data, including personal and financial records, and later announced their closure after being raided by the FBI.

This brings end of this week in review security coverage. Thanks for visiting TheCyberThrone. If you like us please follow us on Facebook, Twitter, Instagram