Monday , December 23 2024

infosecbulletin

CERT-In Flags Critical Vulnerabilities in Adobe, IBM WebSphere, and Joomla

vulnarabilities

The Indian Computer Emergency Response Team (CERT-In) has warned Adobe users about a high-risk cybersecurity issue. Adobe recently found serious security problems in various versions of their software, including Adobe Premiere Pro, Adobe InDesign, and Adobe Bridge. CERT-In classifies the vulnerabilities as “HIGH” severity and advises users to act quickly …

Read More »

Hacker transfer 16.5 Crore from India’s Nainital bank’s Noida branch

Thana

A massive cyber heist has hit at India’s Nainital Bank’s Noida branch, where over â‚ą16 crore was stolen after hackers accessed the servers and transferred the money to 89 different accounts. Cybercriminals hacked the bank’s RTGS channel by stealing the manager’s login details and stole â‚ą16.5 crore from June 16 …

Read More »

(CVE-2024-39929)
Critical Exim Vulnerability Impacts 1.5 Million Mail Servers

coding

Censys has warned that more than 1.5 million Exim mail transfer agent (MTA) instances are vulnerable to a critical security issue. This vulnerability allows threat actors to bypass security filters. Exim developers fixed a security flaw, tracked as CVE-2024-39929, impacting versions up to 4.97.1. The vulnerability is caused by not …

Read More »

AT&T data breach exposes call logs of 109 million customers

At&T

AT&T, an American telecom service provider, has confirmed a data breach. The data approximately 109 million almost all its wireless customers and customers of mobile virtual network operators (MVNOs) who use AT&T’s wireless network was accessed by threat actors. AT&T’s MVNOs include Black Wireless, Boost Infinite, Consumer Cellular, Cricket Wireless, …

Read More »

CVE-2024-5910
Critical Vulnerability Threatens Palo Alto Networks’ Expedition

Palo alto network

Palo Alto Networks has issued a critical security advisory outlining numerous vulnerabilities across its product lines, such as PAN-OS, Cortex XDR, and Expedition. These weaknesses vary in severity and potential impact, but collectively present a significant risk to organizations that depend on Palo Alto’s solutions. CVE-2024-5910: Missing Authentication in Expedition …

Read More »

Vulnerabilities in GitLab Allows Attackers to Execute Unauthorized Pipelines

Gitlab

GitLab has issued a warning about a serious vulnerability in its GitLab Community and Enterprise editions. This vulnerability allows attackers to execute pipeline jobs as if they were another user. GitLab’s DevSecOps platform is used by more than 30 million registered users, including T-Mobile, Goldman Sachs, Airbus, Lockheed Martin, Nvidia, …

Read More »