vulnerability
NIST Proposes Public-Private Group to Help with NVD Backlog
An embattled National Institute of Standards and Technology (NIST), hobbled by budget cuts, is looking for more help from both inside and outside the government. NIST is trying to manage a growing ...
Security Boulevard
XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory
Overview NSFOCUS CERT recently detected that a backdoor vulnerability in XZ Utils (CVE-2024-3094) was disclosed from the security community, with a CVSS score of 10. Because the SSH underlying layer relies on ...
Hundreds of Clusters Attacked Due to Unpatched Flaw in Ray AI Framework
Thousands of servers running AI workloads are under attack by threat actors exploiting an unpatched vulnerability in the open-source Ray AI framework – widely used by such companies as OpenAI, Uber, Amazon, ...
Security Boulevard
CVE-2024-2879: WordPress LayerSlider Vulnerability
Nik Hewitt | | advice, application protection, Best Practices, Cybersecurity, next gen security, security, Security Research, vulnerability
Securing our WordPress plugins, the critical CVE-2024-2879 LayerSlider vulnerability, and the importance of bug reporting : OFFICIAL CVE-2024-2879 RELEASE INFORMATION : Within the massive WordPress ecosystem, plugins like LayerSlider play a crucial ...
CVE-2023-48788 Vulnerability Reported in FortiClientEMS
Fortinet’s FortiClient EMS product exploited via CVE-2023-48788, a critical SQL injection vulnerability : OFFICIAL CVE-2023-48788 PATCHING INFORMATION : The CISA (Cybersecurity and Infrastructure Security Agency) has alerted organizations to actively exploit ‘The ...
CVE-2024-21412 Vulnerability Reported in Defender SmartScreen
Nik Hewitt | | advice, application protection, Best Practices, Cybersecurity, microsegmentation, next gen security, security, Security Research, service account protection, vulnerability, zero trust
Guarding against SmartScreen bypass (CVE-2024-21412) and DarkGate malware campaign A recent surge in cyberattacks has seen malevolent actors exploiting a vulnerability in Windows Defender SmartScreen, a critical security feature designed to protect ...
How to Streamline the Vulnerability Management Life Cycle
Alex Vakulov | | Information Security, software-vulnerabilities, System Vulnerabilities, vulnerability, Vulnerability Management
Establishing a vulnerability management process is a crucial part of an organization's cybersecurity strategy and demands thoughtful planning ...
Security Boulevard
BianLian GOs for PowerShell After TeamCity Exploitation
Drew Schmitt | | BianLian, Blog, Cybersecurity, GRIT, GRIT Blog, Incident Response & Threat Intelligence, powershell, Ransomware, SBN News, Threat Advisory, vulnerability
Contributors: Justin Timothy, Threat Intelligence Consultant, Gabe Renfro, DFIR Advisory Consultant, Keven Murphy, DFIR Principal Consultant Introduction Ever since Avast […] ...
Urgent Update: Patching Critical iOS Zero-Day Vulnerabilities
Nik Hewitt | | advice, application protection, Best Practices, Cybersecurity, next gen security, security, Security Research, vulnerability
Apple rolls out crucial updates to thwart active cyberattacks exploiting kernel-level iOS zero-day vulnerabilities in iPhones In an important move to strengthen the security of iPhone users, Apple has recently released emergency ...
JetBrains TeamCity Vulnerability Requires Immediate Patching
Nik Hewitt | | advice, application protection, Best Practices, Cybersecurity, microsegmentation, next gen security, security, Security Research, vulnerability, zero trust
TeamCity, the build management and continuous integration server from JetBrains, requires immediate vulnerability patching : TeamCity 2023.11.4 Update Here : JetBrains, the leading software development company, has issued an urgent security advisory ...