A bank employee accesses the personal information of several dozen customers. The person did that for the time being before being noticed. TD Bank reimbursed its clients after finding out that one of its employees accessed the personal information of some customers. The bank, based in New Jersey, stated that …
Read More »
CVE-2024-33533 to 33536
Zimbra Users at Risk of XSS and LFI Attacks
Zimbra Collaboration revealed three new security vulnerabilities identified as CVE-2024-33533, CVE-2024-33535, and CVE-2024-33536, affecting versions 9.0 and 10.0, which could put users at risk of cross-site scripting and local file inclusion attacks. Technical Breakdown of the Vulnerabilities: CVE-2024-33533: The Zimbra webmail admin interface has a vulnerability. It doesn’t properly validate …
Read More »Massive cyber attack hit Iran’s Central Bank and others
Iran International reported a big cyber attack that disrupted the operations of the Central Bank of Iran and other banks in the country, causing their computer systems to be crippled. This incident coincides with intensified international scrutiny of Iran’s operations in Middle East, as Teheran announced attacks on Israel unless …
Read More »Critical Vulnerabilities in IBM QRadar Lets Attackers Trigger ACR
IBM has released a security bulletin about several vulnerabilities in its QRadar Suite Software. The company has fixed these vulnerabilities in the most recent software update. IBM QRadar Suite Software is a cybersecurity platform that combines SIEM, SOAR, network traffic analysis, and vulnerability management. It helps in detecting threats, responding …
Read More »Palo Alto released advisories, urges updates amidst 34 vuls
Palo Alto Networks has warned its users about 34 vulnerabilities in their products and released four security advisories. They haven’t found any attacks yet, but it’s important for users to update their systems quickly. Certain Palo Alto products, specifically PAN-OS and GlobalProtect App, are affected by vulnerabilities. Some of these …
Read More »India’s telecom authority initiates a crackdown on spam calls
India’s telecom regulator has ordered service providers to block all unwanted calls from unregistered senders in a major move “to curb the increasing number of spam calls.” In case of a violation, the service providers will face disconnection of their networks for up to two years, India’s Telecom Regulatory Authority …
Read More »Fortinet Patches Multiple Vulnerabilities including FortiOS & Other
Fortinet has fixed vulnerabilities in its products FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiManager, and FortiAnalyzer. The vulnerabilities could be used to gain unauthorized access and increase privileges, posing a major threat to affected systems. Vulnerability Details: CVE-2022-45862 The graphical user interface (GUI) of FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager was identified as …
Read More »Web-Check: Magic Toolkit for Website Analysis and Security Assessment
Web-Check is a powerful tool that helps people understand and navigate websites. It is useful for developers, system administrators, security professionals, and anyone who wants to explore the intricacies of a website. Unveiling Web-Check’s Capabilities: Web-Check is a tool that efficiently investigates a URL to gather and organize a lot …
Read More »Microsoft Tuesday fixed 90 flaws, including 10 zero days
Microsoft on Tuesday fixed a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 …
Read More »
(CVE-2024-7569 and CVE-2024-7570)
Ivanti flags Critical Fixes for ITSM Vulnerabilities
Ivanti issued a security advisory about two important vulnerabilities in its Neurons for IT Service Management (ITSM) platform. Customers using the on-premise version should act quickly. The vulnerabilities (CVE-2024-7569 and CVE-2024-7570) affect Ivanti Neurons for ITSM versions 2023.4 and older, putting them at risk of unauthorized data access and system …
Read More »