Evolve Security is writing to update you on a critical SQL injection vulnerability, identified as CVE-2024-6670, in Progress WhatsUp Gold. It is worth underlining that threat actors are actively using publicly available proof of concept (PoC) exploits to conduct opportunistic attacks.
CVE-2024-6670 is a critical SQL injection vulnerability with a CVSS v3 score of 9.8. Security researcher Sina Kheirkhah of Summoning Team discovered that if WhatsUp Gold is configured with only a single user, an attacker without prior authentication can exploit this vulnerability to retrieve encrypted passwords. The CVE affects all versions of the WhatsUp Gold network monitoring software prior to version 2024.0.0. It was added to the CISA Known Exploited Vulnerabilities (KEV) catalog on September 16, 2024, indicating that it has been targeted and exploited in the wild.
Observed exploitation attempts indicate attackers bypassing WhatsUp Gold’s authentication and installing remote access tools. The use of these tools suggests attackers may be setting up for ransomware deployment.
The developer, Progress Software, issued a patch for this critical vulnerability in August 2024, along with CVE-2024-6671. To safeguard your systems, make sure to upgrade to WhatsUp Gold version 2024.0.0 or newer. Progress Software has noted that unusual entries in the "Name" column of the WhatsUp Gold user interface might indicate compromise. You can investigate this further by going to Settings > Actions and Alerts > Alert Center Libraries > Threshold tab.
https://summoning.team/blog/progress-whatsup-gold-sqli-cve-2024-6670/
https://www.cve.org/CVERecord?id=CVE-2024-6670
https://nvd.nist.gov/vuln/detail/CVE-2024-6670
https://github.com/sinsinology/CVE-2024-6670
https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-August-2024
Evolve Security has reviewed all client vulnerability data and determined that there are no instances of this vulnerability across our client base. However, it is still recommended that organizations proactively identify vulnerable versions and apply the remediation recommendations as appropriate. Most organizations do not include all assets in their regular vulnerability testing, so it is important to validate applicability for assets that may fall outside the regular testing scope.
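One way to act on that recommendation is to sweep an asset inventory for WhatsUp Gold installs still below the fixed version 2024.0.0. The script below is an added example, not code from Evolve Security or Progress; the inventory format, host names and version strings are constructed for illustration.

```python
"""Flag WhatsUp Gold installs below the fixed version (2024.0.0) in an
asset inventory. The inventory format and host names are constructed."""
import re
from typing import Optional

FIXED_VERSION = (2024, 0, 0)  # CVE-2024-6670 is fixed in WhatsUp Gold 2024.0.0

# Constructed inventory lines: "hostname,product,version"
SAMPLE_INVENTORY = """\
mon-01.example.test,WhatsUp Gold,2023.1.0
mon-02.example.test,WhatsUp Gold,2024.0.0
mon-03.example.test,WhatsUp Gold,2024.0.1
mon-04.example.test,WhatsUp Gold,2022.1
mon-05.example.test,WhatsUp Gold,unknown
web-01.example.test,Other Product,1.2.3
"""

def parse_version(text: str) -> Optional[tuple]:
    """Turn '2024.0.1' or '2022.1' into a comparable tuple padded to 3 parts.
    Returns None when the string is not a dotted numeric version."""
    m = re.fullmatch(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", text.strip())
    if not m:
        return None
    return tuple(int(p) if p else 0 for p in m.groups())

def is_vulnerable(version: str) -> Optional[bool]:
    """True if below the fixed version, False if at or above it,
    None if the version string cannot be parsed (needs manual follow-up)."""
    parsed = parse_version(version)
    if parsed is None:
        return None
    return parsed < FIXED_VERSION

def triage_inventory(csv_text: str):
    """Return (vulnerable_hosts, unknown_hosts) for WhatsUp Gold entries only."""
    vulnerable, unknown = [], []
    for line in csv_text.splitlines():
        if not line.strip():
            continue
        host, product, version = (f.strip() for f in line.split(",", 2))
        if product.lower() != "whatsup gold":
            continue  # other products are out of scope for this CVE
        status = is_vulnerable(version)
        if status is None:
            unknown.append(host)  # unparseable version: verify by hand
        elif status:
            vulnerable.append(host)
    return vulnerable, unknown
```

Hosts returned in the unknown list still need a manual version check, since a missing or malformed version is not evidence that the host is patched.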
Unlock your organization's full security potential and uncover even more vulnerabilities than before by choosing our advanced penetration testing services.