In a troubling development, Fortinet has disclosed a critical zero-day vulnerability affecting its FortiOS and FortiProxy products. Tracked as CVE-2024-55591 with a CVSS score of 9.3, this vulnerability allows remote attackers to gain super-admin privileges on affected devices, including firewalls and SSL VPNs. The flaw has already been exploited in the wild, highlighting the urgency […]
A critical vulnerability in Windows Lightweight Directory Access Protocol (LDAP), tracked as CVE-2024-49112, has been demonstrated with the release of a proof-of-concept (PoC) exploit. This flaw, disclosed by Microsoft during its December 2024 Patch Tuesday update, carries a CVSS score of 9.8, marking it as a severe risk to enterprise networks. Overview of CVE-2024-49112 This […]
A critical security flaw, CVE-2024-13030, has been discovered in the web management interface of the D-Link DIR-823G router (firmware version 1.0.2B05_20181207). This vulnerability enables attackers to bypass access controls, potentially compromising device security and exposing networks to further exploitation. Vulnerability Overview The vulnerability stems from improper access control in the router’s /HNAP1/ endpoint, which governs […]
Cybersecurity researchers have identified a concerning evolution of the traditional clickjacking attack—dubbed DoubleClickjacking. This sophisticated method bypasses existing defenses, leaving even major websites vulnerable to exploitation and exposing users to potential account takeovers. Here’s a deep dive into what DoubleClickjacking is, how it works, and what can be done to mitigate its risks. What Is […]
Italy recently faced a cyberattack on its Foreign Ministry and key airport websites, attributed to the pro-Russian hacker group Noname057(16). While the attack caused temporary disruptions, there were no significant operational issues, including at Milan’s major airports, Linate and Malpensa. Details of the Attack On Saturday, official websites of the Foreign Ministry and Milan’s airports […]
The infamous Clop ransomware gang has escalated its operations, targeting companies impacted by a Cleo data-theft attack. With a list of 66 companies already announced, the group has issued a chilling ultimatum: victims have 48 hours to respond to ransom demands, or face public exposure of their identities and data. This latest campaign highlights Clop’s […]
We specialize in safeguarding businesses from advanced hacker attacks and cyber threats. Our dedicated team of cybersecurity experts employs cutting-edge technology and innovative strategies to protect our clients’ digital assets. We are committed to providing comprehensive security solutions that ensure the safety and integrity of your data, allowing you to operate with confidence in today’s digital landscape. With DefenShield CyberSecurity, your business is in safe hands.