vulnerability
CWE vs CVE: Managing Vulnerabilities and Weaknesses
CWEs and CVEs have similarities and differences. Understanding both can help you keep your organization secure. Today’s cybersecurity professionals are tasked with constant challenge of managing and mitigating ever-changing vulnerabilities in their ...
Counterfeit Lodash attack leverages AnyDesk to target Windows users
npm packages identified by Sonatype recently are named similar to the vastly popular JavaScript library, lodash. These packages abuse typosquatting and carry within them a modified version of AnyDesk utility to target ...
CVE-2024-38856 and CVE-2024-45195 – Apache OFBiz Security Vulnerabilities – August 2024
Critical Security Vulnerabilities (CVE-2024-38856 and CVE-2024-45195) in Apache OFBiz Expose Enterprise Systems to Potential Data Breaches and Disruption of Critical Business Functions Affected Platform Apache OFBiz is an open-source framework designed for ...
CVE-2024-7971 – Google Chrome Security Vulnerability – August 2024
A critical vulnerability (CVE-2024-7971) in Google Chrome versions prior to 128.0.6613.84 allows attackers to exploit the system, posing serious security risks. Affected Platform The security vulnerability CVE-2024-7971 primarily impacts Google Chrome versions ...
Shocking SQL Injection in TSA App, Bitcoin ATM Scams Targeting Seniors
This week, we discuss a critical SQL injection vulnerability discovered in an app used by the TSA, raising ethical questions about responsible disclosure. Plus, we shed light on the alarming rise of ...
Understanding the Types of Cybersecurity Breaches
What are the different types of cybersecurity breaches, and what can your organization do to protect against them? Cybersecurity breaches have been a top concern for organizations and individuals across the world ...
Recent Critical Vulnerabilities: August 2024 CVE Roundup
Protecting Organizations with Up-to-Date CVE Awareness Reports from the National Institute of Standards and Technology (NIST) through its National Vulnerability Database (NVD) highlight critical cybersecurity vulnerabilities that demand immediate attention and underscore ...
Miggo Uncovers AWS Load Balancer Security Flaw
Miggio has discovered a configuration-based vulnerability that enables cybercriminals to bypass authentication and authorization services provided by the Application Load Balancer (ALB) from Amazon Web Services (AWS) that could affect more than ...
CVE-2024-38178 Vulnerability within Microsoft Edge
High threat level vulnerability CVE-2024-38178 discovered on Microsoft Edge browser : OFFICIAL CVE-2024-38178 PATCHING INFORMATION : A recent discovery has unveiled CVE-2024-38178, a critical vulnerability within Microsoft Windows, which impacts Internet Explorer ...
Recent Vulnerabilities in Cybersecurity: July 2024 CVE Roundup
Recent cybersecurity vulnerabilities reported on the National Institute of Standards and Technology (NIST)’s National Vulnerability Database pose significant risks to organizations worldwide. Without mitigation, data breaches and system compromises are possible. July’s ...