3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows Read more…
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In Nov 22, 2023NewsroomThreat Analysis / Vulnerability Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The Read more…
Russian Hackers Launch ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure Nov 16, 2023NewsroomCyber Warfare / Threat Intelligence Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy Read more…
VMware Warns of Unpatched Critical Cloud Director Vulnerability Nov 15, 2023NewsroomNetwork Securit / Vulnerability VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances Read more…
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now Nov 07, 2023NewsroomNetwork Security / Vulnerability Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows Read more…
QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices Nov 06, 2023NewsroomVulnerability / Data Security QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as Read more…
VMware Releases Patch for Critical vCenter Server RCE Vulnerability Oct 25, 2023NewsroomVulnerability / Cyber Threat VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described Read more…
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms Oct 25, 2023Newsroom Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio, and Bukalapak, building upon previous shortcomings uncovered in Booking[.]com and Expo. The weaknesses, now addressed by the Read more…
Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data Oct 26, 2023NewsroomVulnerability / Network Security Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, Read more…
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss Oct 31, 2023NewsroomVulnerability / Data Protection Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in “significant data loss if exploited by an unauthenticated attacker.” Tracked as CVE-2023-22518, the vulnerability is rated Read more…