BIG-IP Vulnerability Alert: Remote Code Execution Risk

In recent news, F5 has issued a critical security alert regarding a significant BIG-IP vulnerability that poses a severe risk to their BIG-IP systems. This vulnerability, rated at 9.8 out of 10 ...

Atlassian Bug now a Perfect 10: Riot of Ransomware Raids

Step #1: Get it off the Internet—Confluence Data Center and Server on-prem products perfectly pwned, so patch ...
Security Boulevard

NextGen’s Vulnerability: Protecting Healthcare Data

In the realm of healthcare, the security and integrity of patient data are paramount. However, a recent discovery has shed light on a critical vulnerability within Mirth Connect, an open-source data integration ...

Hackers Exploit Atlassian Flaw in Cerber Ransomware Attacks

Multiple threat actors are descending on on-premises Atlassian Confluence software to exploit a critical vulnerability that was detailed and patched last week. Threat intelligence researchers from cybersecurity firms Rapid7 and GreyNoise this ...

Moving Beyond CVSS Scores for Vulnerability Prioritization

Since 2016, new vulnerabilities reported each year have nearly tripled. With the increasing number of discovered vulnerabilities, organizations need to prioritize which of them need immediate attention. However, the task of prioritizing ...

CVE-2023-4632: Local Privilege Escalation in Lenovo System Updater

Version: Lenovo Updater Version <= 5.08.01.0009
Operating System Tested On: Windows 10 22H2 (x64)
Vulnerability: Lenovo System Updater Local Privilege Escalation via Arbitrary File Write
Advisory: https://support.lenovo.com/us/en/product_security/LEN-135367
Vulnerability Overview: The Lenovo System Update application is designed to ...

Salt Security: OAuth Implementation Flaw Could Lead to Account Takeover

Security flaws in the implementation of the OAuth authentication standard left hundreds of millions of users of at least three popular online sites exposed to possible account takeover by bad actors, according ...

Cisco Emergency Responder Patch: Critical Flaw Fix

Cisco has recently provided a series of key security upgrades aimed at correcting a notable vulnerability inside its Cisco Emergency Responder (CER) in an earnest effort to enhance the security of essential ...

Top 10 open source projects hit by HTTP/2 ‘Rapid Reset’ zero-day

Executive summary In this blog post we list at least 10 open source packages affected by the HTTP/2 'Rapid Reset' vulnerability, disclosed by Cloudflare this week ...

GNOME Libcue Flaw is a Risk to Linux Systems

A flaw in a relatively obscure component of the popular GNOME desktop environment for Linux could allow bad actors to gain control of the system if exploited ...