The critical CVE-2024-40711 vulnerability in Veeam Backup & Replication (VBR) is drawing attention from security researchers and ransomware groups alike. Discovered by Florian Hauser from Code White, this flaw allows attackers to take full control of enterprise systems, posing a significant threat to the integrity of data backup infrastructures. With ransomware groups historically targeting Veeam vulnerabilities, CVE-2024-40711 could soon become a valuable tool for cybercriminals.

On September 10, 2024, Ivanti released fixes for CVE-2024-29847, a maximum severity vulnerability in Ivanti Endpoint Manager (EPM). This flaw, found in the agent portal of specific EPM versions, allows Remote Code Execution (RCE) by an unauthenticated attacker due to improper deserialization of untrusted data.

The security world is awash in acronyms. As a niche in the security world, vulnerability, tracking, measurement, and management is no stranger to inscrutable collections of capital letters. We’ve got NVD, CPE, CWE, CVSS, EPSS, CAPEC, KEV, and of course “CVE”. The key goal of all these frameworks is to try to help folks organize information around vulnerabilities and assess how their presence might increase an organization's exposure.

With the recent release of Ubuntu 24.04, we at Snyk Security Labs thought it would be interesting to examine the latest version of this Linux distribution to see if we could find any interesting privilege escalation vulnerabilities. I’ll let the results speak for themselves: During our research, we successfully identified a privilege escalation from the default user on a fresh Ubuntu Desktop installation to root.

Advanced biometrics. Seamless onboarding walkthroughs. Cross-platform integrations. Hyper-personalized dashboards. Cleanly designed reports. These are just some of the features today’s users expect from their financial applications, pushing most financial institutions to release them quickly — or risk being outpaced by FinTech disruptors who already do. As a result, development teams must build more quickly, adopting new technologies to stay in step with demanding goals and tight deadlines.

On September 4, 2024, Veeam released a security bulletin announcing that they have fixed several vulnerabilities affecting various Veeam products. Arctic Wolf has highlighted five of these vulnerabilities, which are classified as critical. Arctic Wolf has not observed any exploitation of these vulnerabilities in the wild and has not identified any publicly available proof of concept (PoC) exploit code.

On August 22, 2024, a remote code execution vulnerability (CVE-2024-40766) was disclosed in SonicOS, affecting a selection of SonicWall firewall devices. At the time of disclosure, active exploitation was not known and no proof-of-concept exploit was publicly available. As of September 6, 2024, however, the security advisory has been updated with additional details, indicating that the vulnerability is potentially being actively exploited.