vulnerability
Hundreds of Clusters Attacked Due to Unpatched Flaw in Ray AI Framework
Thousands of servers running AI workloads are under attack by threat actors exploiting an unpatched vulnerability in the open-source Ray AI framework – widely used by such companies as OpenAI, Uber, Amazon, ...
Security Boulevard
CVE-2023-48788 Vulnerability Reported in FortiClientEMS
Fortinet’s FortiClient EMS product exploited via CVE-2023-48788, a critical SQL injection vulnerability : OFFICIAL CVE-2023-48788 PATCHING INFORMATION : The CISA (Cybersecurity and Infrastructure Security Agency) has alerted organizations to actively exploit ‘The ...
CVE-2024-21412 Vulnerability Reported in Defender SmartScreen
Nik Hewitt | | advice, application protection, Best Practices, Cybersecurity, microsegmentation, next gen security, security, Security Research, service account protection, vulnerability, zero trust
Guarding against SmartScreen bypass (CVE-2024-21412) and DarkGate malware campaign A recent surge in cyberattacks has seen malevolent actors exploiting a vulnerability in Windows Defender SmartScreen, a critical security feature designed to protect ...
How to Streamline the Vulnerability Management Life Cycle
Alex Vakulov | | Information Security, software-vulnerabilities, System Vulnerabilities, vulnerability, Vulnerability Management
Establishing a vulnerability management process is a crucial part of an organization's cybersecurity strategy and demands thoughtful planning ...
Security Boulevard
BianLian GOs for PowerShell After TeamCity Exploitation
Drew Schmitt | | BianLian, Blog, Cybersecurity, GRIT, GRIT Blog, Incident Response & Threat Intelligence, powershell, Ransomware, SBN News, Threat Advisory, vulnerability
Contributors: Justin Timothy, Threat Intelligence Consultant, Gabe Renfro, DFIR Advisory Consultant, Keven Murphy, DFIR Principal Consultant Introduction Ever since Avast […] ...
Urgent Update: Patching Critical iOS Zero-Day Vulnerabilities
Nik Hewitt | | advice, application protection, Best Practices, Cybersecurity, next gen security, security, Security Research, vulnerability
Apple rolls out crucial updates to thwart active cyberattacks exploiting kernel-level iOS zero-day vulnerabilities in iPhones In an important move to strengthen the security of iPhone users, Apple has recently released emergency ...
JetBrains TeamCity Vulnerability Requires Immediate Patching
Nik Hewitt | | advice, application protection, Best Practices, Cybersecurity, microsegmentation, next gen security, security, Security Research, vulnerability, zero trust
TeamCity, the build management and continuous integration server from JetBrains, requires immediate vulnerability patching : TeamCity 2023.11.4 Update Here : JetBrains, the leading software development company, has issued an urgent security advisory ...
NSFOCUS Research Labs Acknowledged by MSRC for Reporting Azure Database Service RCE Vulnerability
Overview NSFOCUS received acknowledgments from the Microsoft Security Response Center (MSRC) for reporting Azure Database Service RCE Vulnerability. Azure Database for PostgreSQL – Flexible Server is a relational database service based on the ...
Imperva Customers are Protected Against New SQL Injection Vulnerability in WordPress Plugin
A critical security flaw, identified as CVE-2024-1071, was discovered in the Ultimate Member plugin for WordPress, affecting over 200,000 active installations. This vulnerability has a high severity CVSS score of 9.8 and ...
The curious case of ‘csrf-magic’: A case study in supply chain poisoning
Back in the day, Ivanti disclosed CVE-2021-44529, a critical "code injection" vulnerability in its EPM Cloud Services Appliance (CSA) product ...