Week 17 of 2024

• CVE-2024-2389: Maximum severity Flowmon bug has a public exploit

• CVE-2024-20353, CVE-2024-20359: ArcaneDoor hackers exploit Cisco zero-days to breach govt networks

• CVE-2024-4040: CrushFTP warns users to patch exploited zero-day “immediately”

• Hackers hijack antivirus updates to drop GuptiMiner malware

Brought to you by Brad Causey, CISSP and Joey Vandegrift at SecurIT360