Fortinet has fixed vulnerabilities in its products FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiManager, and FortiAnalyzer. The vulnerabilities could be used to gain unauthorized access and increase privileges, posing a major threat to affected systems. Vulnerability Details: CVE-2022-45862 The graphical user interface (GUI) of FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager was identified as …
Read More »Web-Check: Magic Toolkit for Website Analysis and Security Assessment
Web-Check is a powerful tool that helps people understand and navigate websites. It is useful for developers, system administrators, security professionals, and anyone who wants to explore the intricacies of a website. Unveiling Web-Check’s Capabilities: Web-Check is a tool that efficiently investigates a URL to gather and organize a lot …
Read More »Microsoft Tuesday fixed 90 flaws, including 10 zero days
Microsoft on Tuesday fixed a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 …
Read More »
(CVE-2024-7569 and CVE-2024-7570)
Ivanti flags Critical Fixes for ITSM Vulnerabilities
Ivanti issued a security advisory about two important vulnerabilities in its Neurons for IT Service Management (ITSM) platform. Customers using the on-premise version should act quickly. The vulnerabilities (CVE-2024-7569 and CVE-2024-7570) affect Ivanti Neurons for ITSM versions 2023.4 and older, putting them at risk of unauthorized data access and system …
Read More »Weekly Cyber Security Update: Data Breaches, Vulnerability, Cyber Attack
There are many happenings in the cyber world in the past week including Data Breaches, Vulnerability, Cyber Attack and many more. Vulnerabilities: Critical OpenVPN Vulnerabilities Microsoft Office Spoofing Vulnerability Open Source Firewall pfsense vulnerability Series Of Solar Power System Vulnerabilities Critical XSS Vulnerability Microsoft Copilot Exploitation MongoDB Vulnerability Confusion Attacks …
Read More »New Malware Infect over 300,00 Chrome & Edge Users
A new malware campaign is currently installing fake Google Chrome and Microsoft Edge extensions through a trojan found on fake websites posing as popular software. “The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal …
Read More »Microsoft discloses an unpatched Office zero-day
A high-severity zero-day vulnerability has been found affecting Office 2016 and later. Microsoft is currently working on a patch to fix this issue. The vulnerability, known as CVE-2024-38200, could let unauthorized people access protected data like system status, configuration data, personal information, or connection metadata. This zero-day affects different 32-bit …
Read More »0.0.0.0 Day: Exploiting Localhost APIs From the Browser
A recent study found a vulnerability in major internet browsers that has existed for 18 years. This vulnerability makes private and corporate networks open to cyberattacks. Researchers from Oligo Security discovered that hackers can take advantage of how browsers handle requests to the IP address 0.0.0.0 by redirecting them to …
Read More »CISA, FBI released joint advisory for Blacksuit ransomware
The FBI and CISA updated their advisory to confirm that the Royal ransomware group now goes by the name “BlackSuit” and still demands very high ransom amounts, up to $60 million. The advisory has new technical information to help defenders detect the activity of the group, known as Royal ransomware …
Read More »DATA CENTER ALERT: AMD Patches Security Flaws in EPYC Processors
AMD has released a security bulletin about three possible vulnerabilities in its Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) technology. A researcher found vulnerabilities that could let a malicious hypervisor controlled by the host system access or modify the memory of a guest VM. This poses big risks to …
Read More »