UnitedHealth confirmed that the ransomware attack on its Change Healthcare unit last February impacted about 190 million Americans, nearly double earlier estimates. The U.S. health insurance company confirmed the latest figures to TechCrunch on Friday after the markets closed. “Change Healthcare has determined the estimated total number of individuals impacted …
Read More »Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass
An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices’ firmware as well as misconfigured security features. “These weren’t obscure, corner-case vulnerabilities,” security vendor Eclypsium said in a report. “Instead these were very well-known issues that we wouldn’t expect …
Read More »
CVE-2025-20156
Cisco Fixes Meeting Management Allowing Privilege Escalation
Cisco has released a security advisory concerning a critical privilege escalation vulnerability (CVE-2025-20156) in its Meeting Management software. With a daunting CVSS score of 9.9, this vulnerability poses a significant risk, as it could enable remote, authenticated attackers with minimal privileges to elevate their access to administrator status on compromised …
Read More »126 Linux kernel Vulns Allow Attackers Exploit 78 Linux Sub-Systems
Ubuntu 22.04 LTS users are advised to update their systems right away due to a crucial security patch from Canonical that fixes critical vulnerabilities in the Linux kernel for Xilinx ZynqMP processors. The Linux kernel for Xilinx Zynq UltraScale+ MPSoC is customized to support the features and hardware of these …
Read More »CERT-UA alerts about “security audit” requests through AnyDesk
Attackers are pretending to be Ukraine’s Computer Emergency Response Team (CERT-UA) using AnyDesk to access target computers. “Unidentified individuals are sending connection requests via AnyDesk under the pretext of conducting a ‘security audit to verify the level of protection,’ using the name ‘CERT.UA,’ the CERT-UA logo, and the AnyDesk ID …
Read More »Oracle Critical Pre-Release update addressed 320 flaw
Oracle Critical Patch Update Pre-Release Announcement shares details about the upcoming update scheduled for January 21, 2025. Note that this information may change before the official advisory is released. A Critical Patch Update contains patches for various security vulnerabilities. This update includes 320 new patches, some of which affect multiple …
Read More »Intel holds 22 employees from one Bangladeshi University
Intel Corporation is a leading semiconductor chip manufacturer, employing at least 22 graduates from the Department of Applied Chemistry and Chemical Engineering at Dhaka University, with 9 at its headquarters. Their presence is due not only to individual skills and hard work but also to the department’s robust curriculum, research …
Read More »VPN Surge 1500% in USA after TikTok Shut Down
vpnMentor’s Research Team is monitoring the potential TikTok ban in the U.S., driven by national security and data privacy issues. ByteDance, TikTok’s Chinese parent company, is under pressure to sell its U.S. operations by January 19, 2025, or face a ban due to concerns about user data security and possible …
Read More »Microsoft January 2025 Patch, 159 Vuls, 10 Critical RCE’s
Microsoft’s January Patch Tuesday update fixed 159 vulnerabilities, including 10 critical Remote Code Execution (RCE) issues. These updates are essential for protecting Windows and related software from exploitation. Key Highlights of December 2024 Patch Tuesday Updates: CVE-2025-21362 & CVE-2025-21354: Both issues are vulnerabilities in Microsoft Excel that allow remote code …
Read More »
CVE-2023-37936
Fortinet released update for a critical cryptographic key vuln
Fortinet released security patches for a critical vulnerability (CVE-2023-37936) involving a hard-coded cryptographic key. This flaw lets remote, unauthorized attackers use the key to execute unauthorized code through specially crafted cryptographic requests. The use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through …
Read More »
InfoSecBulletin Cybersecurity for mankind