Docker Fixed an AuthZ Bypass Flaw Leading to Privilege Escalation: CVE-2024-41110
Jul 24, 2024
Categories
Top Articles
Laravel Framework Affected by a New Critical Vulnerability (CVE-2024-40075): Patch Now
Jul 24, 2024
Suspicious Domains Exploiting the Recent CrowdStrike Outage!
Jul 20, 2024
CrowdStrike Update Causing Blue Screen of Death and Microsoft 365/Azure Outage
Jul 19, 2024
Critical Vulnerabilities in SolarWinds ARM, Serv-U, and Cisco SSM On-Prem, Secure Email Gateway Products
Jul 18, 2024
Jul 24, 2024
Docker Fixed an AuthZ Bypass Flaw Leading to Privilege Escalation: CVE...
Docker Fixed an AuthZ Bypass Flaw Leading to Privilege Escalation: CVE-2024-41110 On July 23, 2024, Docker issued an advisory regarding a security vulnerability in the authorization plugins (AuthZ), u...
Learn More
Jul 24, 2024
Laravel Framework Affected by a New Critical Vulnerability (CVE-2024-4...
Laravel Framework Affected by a New Critical Vulnerability (CVE-2024-40075): Patch Now A very critical vulnerability, designated as CVE-2024-40075, has emerged in the Laravel PHP framework. This flaw ...
Learn More
Jul 20, 2024
Suspicious Domains Exploiting the Recent CrowdStrike Outage!
Suspicious Domains Exploiting the Recent CrowdStrike Outage! [Update] July 23, 2024: “Researchers Warn of Phishing Scenarios Exploiting the CrowdStrike Outage by Cybercriminals”, “Exploiting Real Time...
Learn More
Jul 19, 2024
CrowdStrike Update Causing Blue Screen of Death and Microsoft 365/Azur...
CrowdStrike Update Causing Blue Screen of Death and Microsoft 365/Azure Outage [Update] July 19, 2024: “Official Statement from the CrowdStrike CEO and the Possible Phishing Scenarios” The tech world ...
Learn More
Jul 18, 2024
Critical Vulnerabilities in SolarWinds ARM, Serv-U, and Cisco SSM On-P...
Critical Vulnerabilities in SolarWinds ARM, Serv-U, and Cisco SSM On-Prem, Secure Email Gateway Products Technology giants SolarWinds and Cisco have recently released security advisories addressing se...
Learn More
Jul 11, 2024
Microsoft Fixes CVE-2024-38112 After Over a Year of Exploitation; Zero...
Microsoft Fixes CVE-2024-38112 After Over a Year of Exploitation; Zero-Click Threat of CVE-2024-38021 Microsoft’s most recent Patch Tuesday updates addressed a high-severity zero-day vulnerabili...
Learn More
Jul 11, 2024
Major Cyber Attacks in Review: June 2024
Major Cyber Attacks in Review: June 2024 June 2024 has been a whirlwind of significant cyber attacks targeting high-profile organizations worldwide. Following the ongoing Snowflake-related issues, the...
Learn More
Jul 10, 2024
July 2024 Patch Tuesday Fixes 139 CVEs, Actively Exploited Zero-Days; ...
July 2024 Patch Tuesday Fixes 139 CVEs, Actively Exploited Zero-Days; CISA Highlights Citrix Updates [Update] July 11, 2024: “Proof-of-Concept Exploit Available for SharePoint RCE Vulnerabilitie...
Learn More
Jul 10, 2024
Cyber Security Aspect of the 2024 NATO Summit
Cyber Security Aspect of the 2024 NATO Summit [Update] July 11, 2024: “Washington Summit Declaration” The idea of building alliances was already important for increasing the security of kingdoms and l...
Learn More
Jul 04, 2024
Critical HTTP File Server Vulnerability (CVE-2024-23692) Actively Expl...
Critical HTTP File Server Vulnerability (CVE-2024-23692) Actively Exploited to Deploy Cryptomining Malware, RATs, Stealers Researchers have identified active exploitation targeting a critical vulnerab...
Learn More
Jul 03, 2024
Velvet Ant's Strategic Targeting: A Long-Term Cyber Espionage Campaign...
Velvet Ant’s Strategic Targeting: A Long-Term Cyber Espionage Campaign Against F5 BIG-IP Systems In the constantly evolving landscape of cybersecurity, the Velvet Ant Advanced Persistent Threat (APT) ...
Learn More
Jul 01, 2024
New Security Vulnerability "regreSSHion" Exposes Millions of Linux Ope...
New Security Vulnerability “regreSSHion” Exposes Millions of Linux OpenSSH Servers to RCE Attacks (CVE-2024-6387) [Update] July 2, 2024: “PoC Exploit for regreSSHion Vulnerability (CVE-2024-6387) Surf...
Learn More
Jun 27, 2024
GitLab Issues Critical Patches for CE/EE Alongside Fortra & MOVEit (CV...
GitLab Issues Critical Patches for CE/EE Alongside Fortra & MOVEit (CVE-2024-5655, CVE-2024-5276, CVE-2024-5805, CVE-2024-5806) GitLab has rolled out new security updates for both its Community Ed...
Learn More
Jun 26, 2024
Polyfill Fuels Supply Chain Concerns with Malicious Redirects: +100,00...
Polyfill Fuels Supply Chain Concerns with Malicious Redirects: +100,000 Websites Affected Latest Update: “Polyfill Issue Affects +380,000 Hosts and Major Companies, With Ongoing New Domain Regis...
Learn More
Jun 18, 2024
VMware vCenter Server Updates Address Critical RCE and Privilege Escal...
VMware vCenter Server Updates Address Critical RCE and Privilege Escalation Vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) Broadcom has released a security update for its popular man...
Learn More
Jun 12, 2024
Microsoft’s June 2024 Patch Tuesday Highlights KeyTrap Zero-Day, Criti...
Microsoft’s June 2024 Patch Tuesday Highlights KeyTrap Zero-Day, Critical MSMQ Flaw; Windows LPE Exploit Microsoft has released the June 2024 Patch Tuesday updates, aiming to fortify Microsoft product...
Learn More
Jun 11, 2024
Major Cyber Attacks in Review: May 2024
Major Cyber Attacks in Review: May 2024 May 2024 saw several major cyber attacks across diverse sectors, including cryptocurrency, cloud services, and online archives. Notable incidents include the $3...
Learn More
Jun 10, 2024
Malvertising Campaign Targets Windows Administrators Using PuTTy and W...
Malvertising Campaign Targets Windows Administrators Using PuTTy and WinSCP An AI illustration of the malvertising campaign using PuTTy and WinSCP In the ever-evolving landscape of digital security...
Learn More
Jun 07, 2024
Grandoreiro Malware Campaign: A Global Threat to Banking Security
Grandoreiro Malware Campaign: A Global Threat to Banking Security The Grandoreiro banking trojan was first observed in 2016. This threat is described as a highly sophisticated and adaptive Windows-bas...
Learn More
Jun 05, 2024
Zyxel NAS Devices’ EoL Models Patched for Critical Code Execution Vuln...
Zyxel NAS Devices’ EoL Models Patched for Critical Code Execution Vulnerabilities: CVE-2024-29972, CVE-2024-29973, CVE-2024-29974 [Update] June 24, 2024: “Critical Zyxel NAS Vulnerability (CVE-2024-29...
Learn More
