SonicWall VPN Firewall VPNS Exposed to Critical Flaws

Over 25,000 SonicWall SSLVPN devices are vulnerable to serious security flaws, according to a recent analysis by cybersecurity firm Bishop Fox. These devices, used to provide secure remote access for businesses, are exposed to the internet and are targeted by attackers, including ransomware groups. Many of the vulnerable devices are running outdated or unsupported firmware, with around 20,000 using software versions that the company no longer supports.

Progress Kemp Loadmaster and VMWare Under Exploitation

Two major security vulnerabilities, now patched, are being actively exploited by cybercriminals. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical flaw (CVE-2024-1212) in the Progress Kemp LoadMaster, a device used for load balancing. This vulnerability allows attackers to remotely execute commands on the system through its management interface, potentially giving them full access. Although it was patched in February 2024, CISA has now added it to its list of actively exploited vulnerabilities, urging quick remediation, especially by government agencies.

JetPack Plugin Patches After Affecting 27 Million Sites

The Jetpack WordPress plugin, used on millions of sites, has released a critical security update to fix a vulnerability that allowed logged-in users to view others' submitted forms. This issue was discovered during an internal audit and has existed since 2016. Jetpack, part of Automattic, collaborated with the WordPress.org Security Team to ensure that users receive the update automatically, addressing the flaw in numerous versions of the plugin.

Windows Vulnerability Exploited as Zero-Day

Microsoft has recently highlighted a significant security vulnerability in Windows, known as CVE-2024-43461, which affects the retired Internet Explorer browser. Although Internet Explorer is no longer actively used, the underlying platform it utilized remains part of Windows and can still pose risks. This vulnerability allows attackers to run malicious code if a user inadvertently visits a harmful webpage or opens a tainted file. The flaw, which can mislead users about the true nature of a downloaded file, was exploited in the wild prior to its patching in September 2024.