

Description: Apple has announced two zero-day vulnerabilities targeting Intel-based Mac computers. The vulnerabilities allow threat actors to perform remote code execution via web content on Sequoia-based systems.
Apple has confirmed that there have been reports of the vulnerabilities being exploited in the wild and recommends that users upgrade their operating system immediately.
Recommended Actions:
External Links:
Description: Chinese threat actors have recently been exploiting, across the globe, a zero-day vulnerability in the FortiClient Windows VPN client. The zero-day allows threat actors to dump credentials stored in memory after a user authenticates to the VPN client, giving them login information in plaintext that can then be used for further exploitation against an individual or organization. At the time of writing, no patch is available for the FortiClient vulnerability, and Fortinet has not confirmed the zero-day.
Recommended Actions:
External Links:
Description: Cybersecurity firm Palo Alto Networks (PAN) published a bulletin advising firewall customers to take steps to secure their firewall management interfaces. The vulnerability enables an unauthenticated attacker with network access to the management web interface to gain administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities.
Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability.
Recommended Actions:
External Links:
Description: Microsoft released an update to Windows Server 2022 versions in early November 2024 that could cause servers to be automatically and inadvertently upgraded to Microsoft Windows Server 2025. Affected users reported that there was no notification or alert about the upgrade, and users could not opt out of the version upgrade if it was initiated.
Microsoft has reported that this issue affected machines that were being managed and updated by third-party tools. The issue was fixed on Microsoft’s end, but users still need to ensure that updates are not being automatically deployed for this patch version of Windows Server 2022.
Recommended Actions:
External Links:
Description: At the end of October 2024, Cisco released the Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 35 Cisco Security Advisories that describe 51 vulnerabilities in Cisco ASA, FMC, and FTD.
Cisco has released software updates that address these vulnerabilities.
Recommended Actions:
External Links: