InfoSecBulletin Cybersecurity for mankind
Zimbra Collaboration revealed three new security vulnerabilities identified as CVE-2024-33533, CVE-2024-33535, and CVE-2024-33536, affecting versions 9.0 and 10.0, which could put users at risk of cross-site scripting and local file inclusion attacks. Technical Breakdown of the Vulnerabilities: CVE-2024-33533: The Zimbra webmail admin interface has a vulnerability. It doesn’t properly validate …
Read More »TimeLine Layout
August, 2024
-
15 August
Massive cyber attack hit Iran’s Central Bank and others
Iran International reported a big cyber attack that disrupted the operations of the Central Bank of Iran and other banks in the country, causing their computer systems to be crippled. This incident coincides with intensified international scrutiny of Iran’s operations in Middle East, as Teheran announced attacks on Israel unless …
Read More » -
15 August
Critical Vulnerabilities in IBM QRadar Lets Attackers Trigger ACR
IBM has released a security bulletin about several vulnerabilities in its QRadar Suite Software. The company has fixed these vulnerabilities in the most recent software update. IBM QRadar Suite Software is a cybersecurity platform that combines SIEM, SOAR, network traffic analysis, and vulnerability management. It helps in detecting threats, responding …
Read More » -
15 August
Palo Alto released advisories, urges updates amidst 34 vuls
Palo Alto Networks has warned its users about 34 vulnerabilities in their products and released four security advisories. They haven’t found any attacks yet, but it’s important for users to update their systems quickly. Certain Palo Alto products, specifically PAN-OS and GlobalProtect App, are affected by vulnerabilities. Some of these …
Read More » -
15 August
India’s telecom authority initiates a crackdown on spam calls
India’s telecom regulator has ordered service providers to block all unwanted calls from unregistered senders in a major move “to curb the increasing number of spam calls.” In case of a violation, the service providers will face disconnection of their networks for up to two years, India’s Telecom Regulatory Authority …
Read More » -
14 August
Fortinet Patches Multiple Vulnerabilities including FortiOS & Other
Fortinet has fixed vulnerabilities in its products FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiManager, and FortiAnalyzer. The vulnerabilities could be used to gain unauthorized access and increase privileges, posing a major threat to affected systems. Vulnerability Details: CVE-2022-45862 The graphical user interface (GUI) of FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager was identified as …
Read More » -
14 August
Web-Check: Magic Toolkit for Website Analysis and Security Assessment
Web-Check is a powerful tool that helps people understand and navigate websites. It is useful for developers, system administrators, security professionals, and anyone who wants to explore the intricacies of a website. Unveiling Web-Check’s Capabilities: Web-Check is a tool that efficiently investigates a URL to gather and organize a lot …
Read More » -
14 August
Microsoft Tuesday fixed 90 flaws, including 10 zero days
Microsoft on Tuesday fixed a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 …
Read More » -
13 August
(CVE-2024-7569 and CVE-2024-7570)
Ivanti flags Critical Fixes for ITSM Vulnerabilities
Ivanti issued a security advisory about two important vulnerabilities in its Neurons for IT Service Management (ITSM) platform. Customers using the on-premise version should act quickly. The vulnerabilities (CVE-2024-7569 and CVE-2024-7570) affect Ivanti Neurons for ITSM versions 2023.4 and older, putting them at risk of unauthorized data access and system …
Read More » -
11 August
Weekly Cyber Security Update: Data Breaches, Vulnerability, Cyber Attack
There are many happenings in the cyber world in the past week including Data Breaches, Vulnerability, Cyber Attack and many more. Vulnerabilities: Critical OpenVPN Vulnerabilities Microsoft Office Spoofing Vulnerability Open Source Firewall pfsense vulnerability Series Of Solar Power System Vulnerabilities Critical XSS Vulnerability Microsoft Copilot Exploitation MongoDB Vulnerability Confusion Attacks …
Read More »
