Category: Featured
Cybersecurity Threat Advisory: Fortinet FortiClientEMS critical vulnerability
Fortinet has released security updates for an unauthorized code execution vulnerability impacting their FortiClientEMS (Endpoint Management Server) product. The vulnerability, CVE-2023-48788, is related to a flaw that allows unauthenticated malicious actors to execute code or commands onto the server via...
Tech Time Warp: Magistr “disembowels” computers
In early 2001, a nasty bug began making the rounds, hitting computer users hard with a particularly challenging payload as seen in this edition of Tech Time Warp. Magistr—sometimes called “Disemboweler” after the Swedish hacker group thought to be behind...
Survey highlights need for additional cloud security expertise
There’s an old maxim that says you can’t manage what you can’t see. That has never been truer than when it comes to cloud computing environments. That lack of visibility, however, also creates opportunities for managed service providers (MSPs) to...
Cybersecurity Threat Advisory: Critical Fortinet vulnerability
A critical vulnerability is affecting many Fortinet devices. Approximately 150,000 Fortinet OS and FortiProxy Secure Web Gateway systems are believed to be exposed to this flaw. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate the potential...
Cybersecurity Threat Advisory: OpenEdge authentication bypass vulnerability
A critical vulnerability (CVE-2024-1403) affecting Progress Software OpenEdge Authentication Gateway and AdminServer impacts versions 11.7.18 and earlier, 12.2.13 and earlier, and 12.8.0. The vulnerability allows unauthorized access due to manipulation of username and password combinations during the authentication process. Review...
Cybersecurity Threat Advisory: Critical vulnerabilities in QNAP devices
Critical authentication bypass vulnerabilities have been identified in QNAP network attached storage (NAS) devices. These flaws pose significant risks, allowing unauthorized access to affected devices. Review the recommendations in this Cybersecurity Threat Advisory to ensure your systems are secure. What...
Cybersecurity Threat Advisory: Cisco patches high-severity bug
Cisco has released security updates for a vulnerability affecting its Secure Client software. Successful exploitation could allow threat actors to steal a targeted user’s token and establish a virtual private network (VPN) session. The vulnerability tracked as CVE-2024-20337 has a...
Cybersecurity Threat Advisory: TeamCity’s server vulnerabilities
This Cybersecurity Threat Advisory highlights JetBrains’ TeamCity vulnerabilities found in the CI/CD Server. One vulnerability allows unauthenticated access to an instance while the other allows for unauthenticated information disclosure and modification. What is the threat? A critical-severity authentication bypass vulnerability...
Cybersecurity Threat Advisory: Critical vulnerabilities in VMware
VMware has released updates addressing four security flaws in ESXi, Workstation, and Fusion. Two out of the four flaws, CVE-2024-22252 and CVE-2024-22253, were identified as critical with CVSS scores of 9.3 for Workstation/Fusion and 8.4 for ESXi. This Cybersecurity Threat...
Pioneers in Tech: Carol Shaw, Atari video game designer
“I was good at math. I entered a bunch of math contests and won awards. Of course, people would say, “Gee, you’re good at math—for a girl. That was kind of annoying. Why shouldn’t girls be good at math?” This...
