Featured Story
5379 GitLab Servers Vulnerable to Zero-Click Account Takeover Attacks
GitLab has patched a critical zero-click account takeover vulnerability (CVE-2023-7028) affecting self-managed versions 16.1 through 16.7. Rated CVSS 10.0, the flaw lets an attacker submit a password reset request that delivers the reset link to an unverified, attacker-controlled email address, so the attacker can set a new password for the victim's account without any action by the victim. ShadowServer reports 5,379 exposed instances globally.
Update to 16.7.2, 16.6.4, or 16.5.6, or to the backported fixes 16.1.6, 16.2.9, or 16.3.7. Enable 2FA on all accounts: GitLab notes that an account with 2FA enabled can still have its password reset by this flaw, but cannot be taken over without the second factor.
Check logs for password reset requests that carry more than one email address:
– gitlab-rails/production_json.log: HTTP requests to the /users/password path whose params.value.email is a JSON array with multiple addresses
– gitlab-rails/audit_json.log: entries with meta.caller.id of PasswordsController#create and target_details consisting of a JSON array with multiple addresses
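The following is an added triage script, not part of the original bulletin and not GitLab's code. It runs the two log checks above over JSON-lines input and flags password reset requests whose email parameter is an array with more than one address. The sample log lines are constructed to mimic the shape of GitLab's production_json.log (params logged as a list of key/value pairs) and audit_json.log; field names beyond the ones GitLab's advisory cites (time, remote_ip, ip_address, status) are assumptions. Entries for single-address resets and unrelated requests are included so the filter can be seen to ignore them.

```python
import json
from typing import Any, Dict, List

# Constructed sample lines (illustrative only, not captured from a real instance).
PRODUCTION_JSON_LOG = """\
{"method":"POST","path":"/users/password","status":302,"remote_ip":"203.0.113.5","params":[{"key":"authenticity_token","value":"[FILTERED]"},{"key":"user","value":{"email":["victim@example.com","attacker@example.net"]}}],"time":"2024-01-12T09:14:02.111Z"}
{"method":"POST","path":"/users/password","status":302,"remote_ip":"198.51.100.7","params":[{"key":"authenticity_token","value":"[FILTERED]"},{"key":"user","value":{"email":"alice@example.com"}}],"time":"2024-01-12T09:15:40.000Z"}
{"method":"GET","path":"/users/sign_in","status":200,"remote_ip":"198.51.100.9","params":[],"time":"2024-01-12T09:16:01.000Z"}
{"method":"POST","path":"/users/password","status":302,"remote_ip":"203.0.113.5","params":[{"key":"user","value":{"email":["bob@example.com"]}}],"time":"2024-01-12T09:17:22.000Z"}
"""

# Constructed audit lines; target_details is assumed to be logged as a string,
# which for the exploit case holds a JSON-encoded array of addresses.
AUDIT_JSON_LOG = """\
{"time":"2024-01-12T09:14:02.200Z","meta.caller.id":"PasswordsController#create","target_details":"[\\"victim@example.com\\",\\"attacker@example.net\\"]","ip_address":"203.0.113.5"}
{"time":"2024-01-12T09:15:40.100Z","meta.caller.id":"PasswordsController#create","target_details":"alice@example.com","ip_address":"198.51.100.7"}
{"time":"2024-01-12T09:20:00.000Z","meta.caller.id":"SessionsController#create","target_details":"alice@example.com","ip_address":"198.51.100.7"}
"""


def _iter_json_lines(log_text: str):
    """Yield parsed JSON objects, skipping blank or malformed lines."""
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue


def _emails_from_params(params: Any) -> List[str]:
    """Extract user[email] from a params list of {"key", "value"} pairs.
    A normal reset posts one string; the exploit posts an array."""
    for p in params or []:
        if isinstance(p, dict) and p.get("key") == "user" and isinstance(p.get("value"), dict):
            email = p["value"].get("email")
            if isinstance(email, list):
                return [str(e) for e in email]
            if email is not None:
                return [str(email)]
    return []


def find_multi_email_resets(production_log: str) -> List[Dict[str, Any]]:
    """production_json.log check: POST /users/password with >1 email address."""
    hits = []
    for ev in _iter_json_lines(production_log):
        if ev.get("method") != "POST" or ev.get("path") != "/users/password":
            continue
        emails = _emails_from_params(ev.get("params"))
        if len(emails) > 1:
            hits.append({"time": ev.get("time"), "remote_ip": ev.get("remote_ip"), "emails": emails})
    return hits


def _target_details_as_list(value: Any) -> List[str]:
    """Normalise target_details: accept a real list or a JSON-array string."""
    if isinstance(value, list):
        return [str(v) for v in value]
    if isinstance(value, str):
        if value.strip().startswith("["):
            try:
                parsed = json.loads(value)
                if isinstance(parsed, list):
                    return [str(v) for v in parsed]
            except json.JSONDecodeError:
                pass
        return [value]
    return []


def find_multi_email_audit_events(audit_log: str) -> List[Dict[str, Any]]:
    """audit_json.log check: PasswordsController#create with >1 target address."""
    hits = []
    for ev in _iter_json_lines(audit_log):
        if ev.get("meta.caller.id") != "PasswordsController#create":
            continue
        targets = _target_details_as_list(ev.get("target_details"))
        if len(targets) > 1:
            hits.append({"time": ev.get("time"), "ip_address": ev.get("ip_address"), "targets": targets})
    return hits


if __name__ == "__main__":
    for hit in find_multi_email_resets(PRODUCTION_JSON_LOG):
        print("production_json.log:", hit)
    for hit in find_multi_email_audit_events(AUDIT_JSON_LOG):
        print("audit_json.log:", hit)
```

On a real instance, feed the functions the contents of /var/log/gitlab/gitlab-rails/production_json.log and audit_json.log (Omnibus default paths) and treat every hit as a candidate compromise: the first address in the array is the targeted account, the others are where the reset link was delivered. A hit only shows that the exploit was attempted; confirm takeover by checking whether the targeted account's password was subsequently changed and review its sessions, SSH keys, and personal access tokens.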
Our SOC can assist in reviewing or investigating suspected compromise.
Other Highlights
Apple Patches Critical iPhone and Mac Zero-Day
CVE-2024-23222 is a type confusion flaw in WebKit that Apple says may have been actively exploited; processing crafted web content can lead to arbitrary code execution. Patches were released across iOS, iPadOS, macOS, tvOS, and Safari.
Install the latest updates (e.g. iOS 17.3, iPadOS 17.3, macOS 14.3, Safari 17.3) to stay protected. Because the bug is in WebKit, every browser on iOS and iPadOS is affected, not only Safari. We can assist with vulnerability management if needed.
Cisco UC/Contact Center Critical Flaw (CVE-2024-20253)
A CVSS 9.9 bug allows unauthenticated remote code execution across Cisco Unified Communications and Contact Center products. An attacker who can reach a listening port can send a crafted message to trigger it, run commands as the web services user, and from there escalate to root.
Apply patches immediately. If that is not possible, Cisco's mitigation is to place ACLs on intermediary devices that separate the affected systems from the network, permitting only the ports and protocols the deployment actually requires. Need help assessing your risk or patch rollout? Let us know.
Exploit Code Released for Fortra GoAnywhere (CVE-2024-0204)
Attackers can bypass authentication in the GoAnywhere MFT administration portal and create new administrative users. Exploit code is now public. CVSS: 9.8.
Check the admin portal for unexpected admin accounts and monitor the logs under
goanywhere\userdata\database\goanywhere\log
for account creation you did not perform. Patch immediately to 7.4.1 or later. If you cannot patch right away, Fortra's workaround is to delete the InitialAccountSetup.xhtml file from the install directory and restart the service. Clop ransomware previously exploited a GoAnywhere MFT zero-day in early 2023, so any confirmed admin account creation should be treated as a likely precursor to data theft.
WordPress Plugin: Better Search Replace Vulnerability (CVE-2023-6933)
Unauthenticated PHP Object Injection with CVSS 9.8 affects the Better Search Replace plugin ≤ v1.4.4: the plugin unserializes untrusted input, letting an unauthenticated attacker inject a PHP object. The plugin itself contains no known POP chain, but if another installed plugin or theme provides one, exploitation can lead to file deletion, sensitive data theft, or code execution.
Patch to v1.4.5 or later immediately. Monitor for unexpected file deletions or changes in the web root. Approach SOC can handle triage and monitoring for your WordPress environment.