Vulnerability

Versa Networks Exposes Critical API Vulnerability in Versa Director (CVE-2024-45229)

• Vulnerability

Versa Networks Exposes Critical API Vulnerability in Versa Director (CVE-2024-45229)

Ddos September 20, 2024 0

Versa Networks has issued a security advisory regarding a vulnerability discovered in its Versa Director product, CVE-2024-45229....

Read More Read more about Versa Networks Exposes Critical API Vulnerability in Versa Director (CVE-2024-45229)

Critical Security Flaws in Camaleon CMS Put Web Servers at Risk – Users Urged to Upgrade Immediately

• Vulnerability

Critical Security Flaws in Camaleon CMS Put Web Servers at Risk – Users Urged to Upgrade Immediately

Ddos September 20, 2024 0

In a significant development for website owners and administrators using Camaleon CMS, a critical security update has...

Read More Read more about Critical Security Flaws in Camaleon CMS Put Web Servers at Risk – Users Urged to Upgrade Immediately

Critical Flaw in Ivanti CSA 4.6: CVE-2024-8963 Actively Exploited, Urgent Upgrade Required

• Vulnerability

Critical Flaw in Ivanti CSA 4.6: CVE-2024-8963 Actively Exploited, Urgent Upgrade Required

Ddos September 19, 2024 0

Ivanti, a leader in enterprise software, has disclosed a critical vulnerability in its Ivanti Connect Secure Appliance...

Read More Read more about Critical Flaw in Ivanti CSA 4.6: CVE-2024-8963 Actively Exploited, Urgent Upgrade Required

Ransomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber Infrastructure

• Vulnerability

Ransomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber Infrastructure

Ddos September 19, 2024 0

The Nigeria Computer Emergency Response Team (ngCERT) has issued an urgent alert warning of ransomware groups actively...

Read More Read more about Ransomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber Infrastructure

Tor Project Responds to De-Anonymization Report: Network Remains Secure for Most Users

• Vulnerability

Tor Project Responds to De-Anonymization Report: Network Remains Secure for Most Users

Ddos September 19, 2024 0

In response to an investigative report revealing a law enforcement de-anonymization attack on a Tor user, the...

Read More Read more about Tor Project Responds to De-Anonymization Report: Network Remains Secure for Most Users

CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet EMS

• Malware
• Vulnerability

CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet EMS

Ddos September 19, 2024 0

In a concerning new development, cybersecurity researchers at Darktrace have unveiled a report detailing the exploitation of...

Read More Read more about CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet EMS

Google Warns: Dependency Scanners Often Misreport Vulnerabilities

• Vulnerability

Google Warns: Dependency Scanners Often Misreport Vulnerabilities

Ddos September 19, 2024 0

The AutoVM team at Google has discovered that dependency scanning tools often mistakenly report vulnerabilities in software....

Read More Read more about Google Warns: Dependency Scanners Often Misreport Vulnerabilities

PoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti Cloud Services Appliance

• Vulnerability

PoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti Cloud Services Appliance

Ddos September 19, 2024 0

A proof-of-concept (PoC) exploit for CVE-2024-8190, an exploited OS command injection vulnerability in Ivanti Cloud Services Appliance,...

Read More Read more about PoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti Cloud Services Appliance

Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert

• Vulnerability

Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert

Ddos September 19, 2024 0

In a recent advisory published on September 16th, data protection powerhouse Acronis disclosed a critical security vulnerability...

Read More Read more about Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert

Stealthy Persistence: Microsoft Entra ID’s Administrative Units Weaponized

• Vulnerability

Stealthy Persistence: Microsoft Entra ID’s Administrative Units Weaponized

Ddos September 19, 2024 0

In recent research, Datadog Security Labs has shed light on a potential security risk within Microsoft Entra...

Read More Read more about Stealthy Persistence: Microsoft Entra ID’s Administrative Units Weaponized

Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC

• Cyber Security
• Malware
• Vulnerability

Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC

Ddos September 19, 2024 0

In a recent report from Trend Micro, the cyber espionage group Earth Baxia has been identified targeting...

Read More Read more about Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC

Researchers Detail CVE-2024-38014 0-Day Vulnerability in Windows MSI Installers Exploited in the Wild

• Vulnerability

Researchers Detail CVE-2024-38014 0-Day Vulnerability in Windows MSI Installers Exploited in the Wild

Ddos September 18, 2024 0

A patched zero-day vulnerability (CVE-2024-38014) affecting Microsoft Windows MSI installers has been discovered and exploited in the...

Read More Read more about Researchers Detail CVE-2024-38014 0-Day Vulnerability in Windows MSI Installers Exploited in the Wild

Next.js Vulnerability CVE-2024-46982: Cache Poisoning Exploit Threatens Deployments

• Vulnerability

Next.js Vulnerability CVE-2024-46982: Cache Poisoning Exploit Threatens Deployments

Ddos September 18, 2024 0

In the fast-paced world of web development, security is a constant concern, especially for platforms that power...

Read More Read more about Next.js Vulnerability CVE-2024-46982: Cache Poisoning Exploit Threatens Deployments

PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability

• Vulnerability

PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability

Ddos September 18, 2024 0

Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently uncovered zero-day vulnerability,...

Read More Read more about PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability

The Safe C++ Extensions Proposal: Strengthening Security in a Complex Ecosystem

• Technology
• Vulnerability

The Safe C++ Extensions Proposal: Strengthening Security in a Complex Ecosystem

Ddos September 18, 2024 0

In a decisive move to address long-standing memory safety concerns, the C++ community has unveiled the Safe...

Read More Read more about The Safe C++ Extensions Proposal: Strengthening Security in a Complex Ecosystem

ASUS Joins the Ranks of CVE Numbering Authorities

• Technology
• Vulnerability

ASUS Joins the Ranks of CVE Numbering Authorities

Ddos September 18, 2024 0

ASUS has been authorized by the CVE Program as a CVE Numbering Authority (CNA), marking a significant...

Read More Read more about ASUS Joins the Ranks of CVE Numbering Authorities

CISA Warns of Actively Exploited Apache, Microsoft, and Oracle Vulnerabilities

• Vulnerability

CISA Warns of Actively Exploited Apache, Microsoft, and Oracle Vulnerabilities

Ddos September 18, 2024 0

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to federal agencies and organizations...

Read More Read more about CISA Warns of Actively Exploited Apache, Microsoft, and Oracle Vulnerabilities

LibreOffice Vulnerability (CVE-2024-7788): Exploit of “Repair Mode” Signatures Raises Security Concerns

• Vulnerability

LibreOffice Vulnerability (CVE-2024-7788): Exploit of “Repair Mode” Signatures Raises Security Concerns

Ddos September 18, 2024 0

In a newly disclosed security advisory, The Document Foundation has revealed a high-severity vulnerability (CVE-2024-7788, CVSS 7.8)...

Read More Read more about LibreOffice Vulnerability (CVE-2024-7788): Exploit of “Repair Mode” Signatures Raises Security Concerns

Microsoft Confirms CVE-2024-37985 as Zero-Day Bug in Windows

• Vulnerability

Microsoft Confirms CVE-2024-37985 as Zero-Day Bug in Windows

Ddos September 17, 2024 0

Today, Microsoft Security Response Center (MSRC) updated its security advisory to mark CVE-2024-37985 which was disclosed on...

Read More Read more about Microsoft Confirms CVE-2024-37985 as Zero-Day Bug in Windows

CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities

• Vulnerability

CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities

Ddos September 17, 2024 0

In a move that underscores the persistent threat of legacy software vulnerabilities, the U.S. Cybersecurity and Infrastructure...

Read More Read more about CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities