November 2024 – Page 9 – TheCyberThrone

CISA adds PTZOptics flaws to its KEV Catalog

The US CISA has added PTZOptics flaws to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation. CVE-2024-8956 PTZOptics PT30X-SDI/NDI cameras contain an insecure direct object reference…

PravinKarthik November 5, 2024

QNAP addresses CVE-2024-50389 in QuRouter

QNAP has addressed a critical zero-day vulnerability in its QuRouter network security appliance, exploited by security researchers during the recent Pwn2Own hacking contest in Ireland. The vulnerability, tracked as CVE-2024-50389…

PravinKarthik November 4, 2024

Sophos says Chinese threat actors enhance tactics over time

Security researchers from Sophos have detailed evolving tactics by Chinese advanced persistent threat groups through the analysis of their telemetry on campaigns targeting its customers between December 2018 and November…

PravinKarthik November 2, 2024

Apache Lucene fixes CVE-2024-43383

Apache Lucene.NET, an open-source search library has been discovered having a security flaw that could allow attackers to remotely execute malicious code. The vulnerability tracked as CVE-2024-43383 with a CVSS…

PravinKarthik November 2, 2024

Microsoft Sharepoint Server CVE-2024-38094 Exploited

Threat actors have exploited a vulnerability in Microsoft SharePoint Server, identified as CVE-2024-38094, allowing them to gain complete domain access and compromise critical systems. The Rapid7 incident response team has…

PravinKarthik November 1, 2024

WordPress Plugin LiteSpeed Cache Flaw CVE-2024-50550

Security researcher has identified a vulnerability in the LiteSpeed Cache plugin that could compromise WordPress sites with its unauthenticated privilege escalation capabilities. The vulnerability tracked as CVE-2024-50550 with a CVSS…

PravinKarthik November 1, 2024