Featured Story
Microsoft Exchange Flaw CVE-2024-21410 Could Impact Up to 97,000 Servers
Researchers from Shadowserver have identified ~28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410. The flaw allows attackers to bypass protections and execute code, potentially exposing data or disabling systems.
The vulnerability enables NTLM credential leaks through Outlook, which can be relayed to Exchange servers to impersonate users. While 28,500 servers were confirmed vulnerable, up to 97,000 may be affected globally—mainly in Germany and the U.S.
Microsoft’s February Patch Tuesday includes a fix. Apply it immediately. If patching isn’t feasible, isolate unpatched Exchange servers from the internet to reduce exposure.
Other Highlights
Critical ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
Two critical vulnerabilities impact ConnectWise ScreenConnect (v23.9.7 and earlier): one allowing remote code execution, the other bypassing authentication. Exploits are already circulating publicly. More than 18,000 instances are exposed globally, and some have been confirmed compromised.
Cloud-hosted instances were patched automatically. Self-hosted users must upgrade to 23.9.8. If patching isn’t possible, isolate affected systems and review for unauthorized access.
Zero-Click Apple Shortcuts Vulnerability Allows Silent Data Theft
CVE-2024-23204 allows attackers to bypass Apple’s Transparency, Consent, and Control (TCC) security via malicious Shortcuts. This zero-click attack affects iOS and macOS, allowing data theft without user interaction. Exploits can exfiltrate data inside image files.
Apple has patched this in macOS Sonoma 14.3, iOS 17.3, and iPadOS 17.3. Users should update immediately and avoid running shortcuts from untrusted sources.
Wave of Vishing: Fake Card Stop Calls Target Belgian Citizens
Citizens are receiving fake calls claiming to be from Card Stop, warning of suspicious €2,600 transactions and urging victims to press 1. Scammers then extract personal data under the guise of preventing fraud.
Never share sensitive info over the phone. Report incidents to police and contact your bank or Card Stop at 078 170 170. Suspicious messages can be forwarded to:
– verdacht@safeonweb.be
– suspect@safeonweb.be
– suspicious@safeonweb.be
Our SOC team is available to assist with any suspicious calls or messages.