Blog

Ransomware Operators Exploit ESXi Hypervisor Vulnerability for Mass Encryption Overview Microsoft researchers have uncovered a significant vulnerability in ESXi hypervisors that ransomware operators are actively exploiting to obtain full administrative permissions on domain-joined ESXi systems. This vulnerability, tracked as CVE-2024-37085, enables attackers to compromise critical infrastructure by targeting ESXi hypervisors, which host virtual machines (VMs) […]

Chained for Attack: OpenVPN Vulnerabilities Leading to RCE and LPE Introduction In the ever-evolving landscape of cybersecurity, virtual private networks (VPNs) are often considered a cornerstone of secure communications. OpenVPN, a widely adopted open-source VPN solution, is integrated into millions of devices worldwide, including routers, PCs, and smart devices. However, recent discoveries have unveiled vulnerabilities

[Solved] Critical UEFI Secure Boot Vulnerability (CVE-2024-7344) Introduction In January 2025, cybersecurity researchers uncovered a severe vulnerability in the Unified Extensible Firmware Interface (UEFI) Secure Boot system, tracked as CVE-2024-7344. This vulnerability poses a significant threat as it allows attackers to bypass Secure Boot protections, enabling the execution of unauthorized code during the boot process.

[Solved] CVE-2025-21311 The Windows NTLMv1 Elevation of Privilege Vulnerability In January 2025, a critical vulnerability in the Windows NTLMv1 authentication protocol, identified as CVE-2025-21311, was disclosed. This vulnerability, which has been assigned a CVSS score of 9.8 (out of 10), poses significant security risks by allowing unauthenticated attackers to exploit the NTLMv1 protocol and gain

CVE-2024-50603 Aviatrix Controllers OS Command Injection Vulnerability On January 7, 2025, a significant security vulnerability—CVE-2024-50603—was disclosed, affecting Aviatrix Controllers. With a staggering CVSS score of 9.9, this remote code execution vulnerability poses a critical risk to organizations using Aviatrix Controllers. It has since been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known

Microsoft January 2025 Patch Tuesday: Fixing 8 Zero-Days and 159 Vulnerabilities Microsoft has kicked off 2025 with a significant Patch Tuesday release, addressing a record-breaking number of security vulnerabilities. With updates for 159 flaws, including eight zero-day vulnerabilities—three of which are actively exploited in the wild—this month’s updates underscore the importance of maintaining a robust

[Solved] CVE-2024-48365 Qlik Sense HTTP Tunneling Vulnerability Introduction: In the fast-paced world of data analytics, businesses rely on tools that provide insights from large volumes of data. One such tool is Qlik Sense, an enterprise-level business intelligence (BI) and data visualization platform designed to make data more accessible, understandable, and actionable for organizations. However, like

[Solved] CVE-2024-12686 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability Introduction Cybersecurity vulnerabilities are an ever-present threat, and one of the latest to make headlines is CVE-2024-12686. This command injection vulnerability was identified in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) solutions. Exploitation of this vulnerability allows attackers

January 2025 Patch Tuesday forecast: Changes coming you need to know Welcome to 2025! As we step into another year brimming with technological advancements and cybersecurity challenges, Microsoft and other industry leaders are gearing up for significant updates and transformations. This January’s Patch Tuesday promises to set the tone for what lies ahead, especially in

[Solved] Microsoft Windows Explorer AutoPlay Not Disabled Vulnerability AutoPlay in Windows Explorer is a convenience feature that simplifies the handling of media and devices by automatically executing predefined actions. However, if not disabled system-wide, this feature can leave systems vulnerable to exploitation. This blog focuses on the vulnerability identified by Qualys ID 105170, “Microsoft Windows