Here you will find all the articles with the tag: vulnerability.
Hackers exploit critical vulnerabilities worldwide to gain control of Ivanti VPN appliances. Compromised VPNs are in Germany, the United Kingdom, Italy, and the Netherlands. That's according to new figures from security company Censys. On Jan. 10, Ivanti announced that its product had vulnerabil... Read more
3 months ago
A known vulnerability in Ivanti Endpoint Manager Mobile is currently being actively exploited. Device management solution MobileIronCore is also vulnerable. The U.S. security regulator CISA warns of this. The vulnerability is hits many Internet-connected devices. For example, data from Shodan sh... Read more
3 months ago
Nine vulnerabilities in EDK II hit enterprise environments worldwide. Researchers at France's Quarkslab discovered that this open-source standard for the UEFI specification can be abused by malicious actors. These exploits are then very difficult to detect or remove. The nine vulnerabilities are... Read more
3 months ago
Dozens of new vulnerabilities surface every day. These vary widely, with CVE scores ranging from 0 to 10. The higher the score, the more alarming the messaging. Interestingly, the most dangerous cyber threats quite often don't achieve a high score on this scale. As an organization, how do you know ... Read more
3 months ago
A vulnerability in Juniper Networks' Junos OS operating system for its SRX and EX Series firewalls and switches allows these network devices to be attacked by hackers to execute malicious code. A vulnerability is found in the J-Web configuration tool for the firewalls and switches. This vulnerab... Read more
3 months ago
GitLab is warning users about a critical vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). The vulnerability in question, CVE-2023-7028, allows hackers to take over accounts. Patches have already been released. According to GitLab, the CVE-2023-7028 vulnerability makes ... Read more
3 months ago
A popular WordPress plug-in intended to send emails faster has been found to leave 150,000 websites vulnerable to a takeover. The developer of the POST SMTP plugin has acted swiftly, meaning a patch is already available. Wordfence reports that the vulnerability was submitted during a bug bounty ... Read more
3 months ago
Ivanti's Endpoint Management (EPM) software contains a critical vulnerability that allows hackers to hijack even the core server. This is not the first time Ivanti has been hit by a vulnerability in its software during the period of one year. Ivanti continues to find vulnerabilities in its softw... Read more
3 months ago
A global scan shows that about 11 million servers are still vulnerable to the recently discovered Terrapin SSH vulnerability. However, security experts estimate that its impact is not significant, despite the strong possibility that the vulnerability will remain present for several years. The re... Read more
4 months ago
A new form of e-mail spoofing was revealed this week: "SMTP Smuggling." The vulnerability allows threat actors to produce highly believable phishing emails. Although it seems decades past the time to move away from the ancient protocol, SMTP is here to stay. The new method bypasses email protect... Read more
4 months ago
