OpenMetadata Vulnerabilities Allow Attackers to Cryptomine in Kubernetes Environments
Apr 18, 2024
Categories
Top Articles
CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update Brings 441 New Security Patches
Apr 17, 2024
Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security
Apr 17, 2024
Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities (CVE-2024-24996, CVE-2024-29204…)
Apr 17, 2024
Major Cyber Attacks in Review: March 2024
Apr 16, 2024
Feb 12, 2024
Major Cyber Attacks in Review: January 2024
Major Cyber Attacks in Review: January 2024 As January 2024 dawned, the digital atmosphere braced itself for another year’s cybersecurity challenges. Throughout the month, organizations experien...
Learn More
Feb 09, 2024
RCEs in FortiOS SSL VPN, ‘shim’; Latest Ivanti Flaw Possibly Exploited...
RCEs in FortiOS SSL VPN, ‘shim’; Latest Ivanti Flaw Possibly Exploited (CVE-2024-21762, CVE-2023-40547, CVE-2024-22024) [Update] March 20, 2024: “Technical Documentation and Detailed Exploit Code on C...
Learn More
Feb 09, 2024
Retrospective – SOCRadar in 2023
Retrospective – SOCRadar in 2023 2023 has been a year we left behind with bitter and sweet memories. Although it will leave its mark on the long journey of humanity as a year marked by natural disaste...
Learn More
Feb 08, 2024
Cisco Fixed Critical CSRF Flaws in Expressway Gateways (CVE-2024-20252...
Cisco Fixed Critical CSRF Flaws in Expressway Gateways (CVE-2024-20252 and CVE-2024-20254) Cisco patched multiple security vulnerabilities, including critical ones, affecting its Expressway Series gat...
Learn More
Feb 07, 2024
Critical JetBrains TeamCity Authentication Bypass (CVE-2024-23917); CI...
Critical JetBrains TeamCity Authentication Bypass (CVE-2024-23917); CISA Adds Chrome Type Confusion to KEV (CVE-2023-4762) JetBrains recently discovered a critical authentication bypass vulnerability ...
Learn More
Feb 06, 2024
Latest Vulnerabilities in FortiSIEM, Oracle WebLogic, Apache Tomcat: C...
Latest Vulnerabilities in FortiSIEM, Oracle WebLogic, Apache Tomcat: CVE-2024-23108, CVE-2024-23109, CVE-2024-20931, CVE-2024-21733 The ever-evolving landscape of cybersecurity presents new challenges...
Learn More
Feb 06, 2024
Barracuda Disclosed Critical Vulnerabilities in WAF, Affecting File Up...
Barracuda Disclosed Critical Vulnerabilities in WAF, Affecting File Upload and JSON Protection Barracuda recently issued a security advisory confirming the presence of 7 security vulnerabilities, rang...
Learn More
Feb 05, 2024
AnyDesk Production Server Breach and Dark Web Sale of 18,000 Accounts
AnyDesk Production Server Breach and Dark Web Sale of 18,000 Accounts AnyDesk, a prominent remote desktop software provider, reported a security breach affecting its production systems on February 2, ...
Learn More
Feb 05, 2024
Latest Critical Vulnerabilities in Juniper Secure Analytics and Mastod...
Latest Critical Vulnerabilities in Juniper Secure Analytics and Mastodon: CVE-2023-37920, CVE-2021-4048, CVE-2024-23832 The latest serious issues demanding attention include severe vulnerabilities fou...
Learn More
Feb 02, 2024
Severe Vulnerabilities in Moby BuildKit and OCI runc: CVE-2024-23651, ...
Severe Vulnerabilities in Moby BuildKit and OCI runc: CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626 The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert reg...
Learn More
Feb 01, 2024
Vulnerability in Ivanti Connect Secure, Policy Secure, and Neurons for...
Vulnerability in Ivanti Connect Secure, Policy Secure, and Neurons for ZTA Exploited (CVE-2024-21888, CVE-2024-21893) [Update] March 11, 2024: “Rapid Exploitation of CVE-2024-21888 and CVE-2024-...
Learn More
Jan 31, 2024
GNU C Library Affected by Several Vulnerabilities, Attackers Could Obt...
GNU C Library Affected by Several Vulnerabilities, Attackers Could Obtain Root Access (CVE-2023-6246) Researchers have recently discovered several vulnerabilities in GNU C Library (glibc), impacting v...
Learn More
Jan 29, 2024
Atlassian’s Confluence Data Center and Server Affected by Critical RCE...
Atlassian’s Confluence Data Center and Server Affected by Critical RCE Vulnerability, CVE-2023-22527: Patch Now [Update] January 25, 2024: “CVE-2023-22527 Has Been Listed in CISA KEV” [Update] January...
Learn More
Jan 26, 2024
Critical RCE Vulnerability in Cisco Unified Communications with Risk o...
Critical RCE Vulnerability in Cisco Unified Communications with Risk of Root Access (CVE-2024-20253) The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert highlighting Cisco ...
Learn More
Jan 24, 2024
Critical Jenkins CLI File Read Vulnerability Could Lead to RCE Attacks...
Critical Jenkins CLI File Read Vulnerability Could Lead to RCE Attacks (CVE-2024-23897) [Update] January 29, 2024: Read under “PoC Exploits Are Available for the Jenkins Vulnerability, CVE-2024-23897”...
Learn More
Jan 24, 2024
Critical Auth Bypass in GoAnywhere MFT: Is It a New Ransomware Gateway...
Critical Auth Bypass in GoAnywhere MFT: Is It a New Ransomware Gateway? (CVE-2024-0204) Fortra has disclosed a critical vulnerability in its GoAnywhere MFT (Managed File Transfer) software – an authen...
Learn More
Jan 23, 2024
What is SIM Swapping?
What is SIM Swapping? SIM swapping attacks have emerged as a formidable and increasingly prevalent challenge in the ever-evolving cyber landscape. This sophisticated form of cybercrime involves attack...
Learn More
Jan 23, 2024
New Apple Zero-Day in WebKit Received a Fix (CVE-2024-23222)
New Apple Zero-Day in WebKit Received a Fix (CVE-2024-23222) [Update] January 24, 2024: “Apple WebKit Zero-Day CVE-2024-23222 Enters CISA KEV Catalog” Apple has issued security updates to address the ...
Learn More
Jan 22, 2024
A Year of Vigilance and Innovation, Triumphs of CISA in 2023
A Year of Vigilance and Innovation, Triumphs of CISA in 2023 In its fifth year on the cybersecurity frontier since its establishment in 2018, the Cybersecurity and Infrastructure Security Agency (CISA...
Learn More
Jan 19, 2024
Oracle Issued 389 New Security Patches in January 2024 Critical Patch ...
Oracle Issued 389 New Security Patches in January 2024 Critical Patch Update Oracle has released its Critical Patch Update advisory for January 2024, aimed at remedying vulnerabilities spanning variou...
Learn More
