Here are the key points from our December 24, 2024 cybersecurity reports:

• A critical vulnerability in Apache Struts2 could allow remote code execution. Organizations need to patch immediately and investigate for compromise.
• Multiple high-risk vulnerabilities were found in Tenable Security Center and IBM Cognos Analytics. These vulnerabilities could allow remote code execution, data breaches, and denial of service attacks. Patching and security audits are crucial.
• A vulnerability in Acclaim Systems USAHERDS involving hard-coded credentials is being actively exploited. Organizations need to identify and replace these credentials immediately.
• NetApp products have a vulnerability that could allow attackers to breach data confidentiality. Patching, access control reviews, and monitoring are recommended.
• CISA released ICS security advisories detailing vulnerabilities in various control system components. Organizations using ICS should review these advisories and implement necessary security measures.
• The overall cybersecurity risk landscape is assessed as HIGH. Immediate action is required to mitigate these vulnerabilities and reduce exposure to cyberattacks.

For more information in the SecureResearch Daily Cyber Intelligence Brief, email info@secureresearch.com