CVEs

768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023

Feb 3, 2025 by iHash Leave a Comment

Feb 03, 2025Ravie LakshmananVulnerability / Network Security As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said 23.6% of known … [Read more...] about 768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023

Reducing CVEs in Elastic container images

Dec 25, 2024 by iHash Leave a Comment

In this blog post, we will discuss our journey to significantly reduce Common Vulnerabilities and Exposures (CVEs) in Elastic container images by switching to a minimal base image in our Elastic products and optimizing our workflows for a scalable vulnerability management program.Elastic Stack based on Chainguard imagesChainguard images are a collection of container images that … [Read more...] about Reducing CVEs in Elastic container images

80% of Exposures from Misconfigurations, Less Than 1% from CVEs

May 17, 2024 by iHash Leave a Comment

A new report from XM Cyber has found – among other insights - a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on hundreds of thousands of attack path assessments conducted by the XM Cyber platform … [Read more...] about 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

Cross-Domain Attack Defense with Intel-Led Threat Hunting

1. Initial Entry and Exploitation In the first stage of this attack, the adversary set up a command-and-control (C2-1 in Figure 1) infrastructure to launch their attack. They targeted a Linux Tomcat server, exploiting a known vulnerability to gain root access. Once inside, they conducted reconnaissance using standard tools like LDAP search to enumerate […]

Easy, comprehensive Logstash monitoring with Elastic Agent

Logstash is a powerful tool for ingesting, transforming, and shipping data from various sources. Visibility into Logstash is critical for optimizing performance and troubleshooting issues related to data ingestion. We’ve greatly improved the Logstash integration to display the status of your Logstash nodes and pipelines at a glance. The integration is now powered by Elastic […]

Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language

Mar 01, 2025Ravie LakshmananPrivacy / Data Protection Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states – You give Mozilla the rights […]

a Double-Edged Sword for IT Teams – Essential Yet Exploitable

Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true […]

CrowdStrike 2025 Global Threat Report: Beware the Enterprising Adversary

Today’s adversaries have long been accelerating and evolving their operations. Now they are developing a business-like structure, refining and scaling their successful strategies, and exploring new technologies to cultivate a more efficient approach to cyberattacks. 2024 was the year of the enterprising adversary. The CrowdStrike Global Threat Report delivers critical insights into the evolving […]

Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations

Feb 27, 2025Ravie LakshmananMalware / Threat Intelligence A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country’s National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related applications. […]

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023

Reducing CVEs in Elastic container images

80% of Exposures from Misconfigurations, Less Than 1% from CVEs