Intel released 41 security advisories this Patch Tuesday, which contain information about over 90 vulnerabilities in their products. The company has fixed most of the vulnerabilities with patches and provided some mitigations for others. The most significant flaw is CVE-2024-22476. It is rated as ‘critical’ and has a severity score …
Read More »
Adobe released security updates for the vulnerabilities in Adobe software. Bad actors could exploit some of these vulnerabilities taking control of an affected system. Adobe encourage the users to review the following Adobe Security Bulletins and apply necessary updates: Adobe Acrobat and Reader Adobe Illustrator Substance 3D Painter Adobe Aero …
Read More »
A vulnerability has been discovered in Fortinet’s FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw is identified as FG-23-225 which allows attackers to spoof IP addresses and bypass security controls by sending specially crafted packets. According to the advisory published by Fortinet, An insufficient verification of data authenticity vulnerability [CWE-345] in …
Read More »
Microsoft patched May 2024 Tuesday including updates for 61 flaws and three publicly disclosed zero days. This update fixed Microsoft SharePoint Server Remote Code Execution Vulnerability. Category wise vulnerabilities are listed below: 17 Elevation of Privilege Vulnerabilities 2 Security Feature Bypass Vulnerabilities 27 Remote Code Execution Vulnerabilities 7 Information Disclosure …
Read More »
Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its active exploitation in the wild decreased to just 4.76 days a 43% reduction compared to the 1st half of the year. Fortinet’s 2H Global landscape report indicate that hackers to …
Read More »
Google released an urgent security update for Chrome browser. The update fixes a critical vulnerability that is already being exploited by hackers. The vulnerability, known as CVE-2024-4671, is a bug in the browser’s Visuals component. CVE-2024-4671 is a type of vulnerability referred to as “use after free” in the Visuals …
Read More »
A security breach has been reported, with a threat actor claiming to be selling a database with 49 million customer records from Dell. The data includes information on systems bought from Dell between 2017 and 2024. According to Daily dark web, recent data obtained from Dell servers includes sensitive personal …
Read More »
Eclypsium recently found flaws in F5’s BIG-IP Next Central Manager, which could let attackers take control of the network. BIG-IP is a product line from F5 that includes software and hardware for managing, securing, and optimizing applications across networks. The Next Central Manager is a key control point for tasks …
Read More »
Samsung has patched 25 vulnerabilities in its mobile devices. This is to strengthen them against code execution and privilege escalation attacks. Samsung is continuously working to improve the security of its smartphones and tablets, protecting the safety and privacy of its users. Samsung recently disclosed vulnerabilities, known as Samsung Vulnerabilities …
Read More »
The 2024 Olympic Games in Paris are coming soon. A recent cybersecurity assessment by Outpost24, a provider of cyber threat exposure management solutions, has raised concerns about the online infrastructure of the games. Outpost24 has identified critical vulnerabilities in the security posture, despite it being considered “mostly secure”. These vulnerabilities …
Read More »
InfoSecBulletin Cybersecurity for mankind
