Tag: critical vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical security patches for GitLab
FeaturedSecurity

Cybersecurity Threat Advisory: Critical security patches for GitLab

This Cybersecurity Threat Advisory highlights GitLab’s recent critical vulnerability, which security update have been released for. A successful exploitation can allow threat actors to mask themselves as other users during scheduled security scans while they run automated tasks (also known...

/ September 22, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New VMware Aria vulnerability identified
FeaturedSecurity

Cybersecurity Threat Advisory: New VMware Aria vulnerability identified

Today’s Cybersecurity Threat Advisory highlights an SSH authentication bypass flaw, identified as CVE-2023-34039, which has been discovered in VMware Aria. It has a severity rating of “critical” and a CVSS v3 scope of 9.8. This vulnerability allows remote attackers to...

/ September 7, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Zero-day vulnerabilities found in Atera RMM
FeaturedSecurity

Cybersecurity Threat Advisory: Zero-day vulnerabilities found in Atera RMM

The latest Cybersecurity Threat Advisory involves two zero-day vulnerabilities that were discovered in Atera RMM Windows installers. These two vulnerabilities are deemed critical and provide privilege escalation capabilities upon a successful exploitation. Barracuda MSP recommends updating to version 1.8.4.9 to...

/ July 26, 2023
Cybersecurity Threat Advisory
Critical Adobe ColdFusion vulnerability
FeaturedSecurity

Critical Adobe ColdFusion vulnerability

The latest cybersecurity threat advisory highlights vulnerabilities affecting Adobe ColdFusion versions 2018, 2021, and 2023, which are actively being exploited by threat actors in the wild. A successful exploitation can lead to arbitrary code execution and security feature bypass. Barracuda...

/ July 19, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical MOVEit vulnerability discovered
FeaturedSecurity

Cybersecurity Threat Advisory: Critical MOVEit vulnerability discovered

A critical vulnerability has been discovered in the MOVEit Transfer software, prompting urgent action from customers to patch their systems. This flaw, identified as CVE-2023-36934, allows an attacker to execute arbitrary commands on the affected system with elevated privileges without...

/ July 8, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New FortiNAC critical vulnerability update released
FeaturedSecurity

Cybersecurity Threat Advisory: New FortiNAC critical vulnerability update released

A critical remote code execution vulnerability (CVE-2023-33299) with a CVSS score of 9.6 has been discovered in Fortinet’s FortiNAC product. This vulnerability poses a significant risk as it could allow an unauthenticated user to execute unauthorized code or commands by...

/ June 27, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices
FeaturedSecurity

Cybersecurity Threat Advisory: Command injection flaw in Zyxel NAS devices

Zyxel, a networking equipment manufacturer, has released urgent security updates to address critical vulnerabilities in their network-attached storage devices. CVE-2023-27992 (CVSS score: 9.8) has been declared as a pre-authentication command injection vulnerability. What is the threat? The threat involves multiple vulnerabilities...

/ June 26, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical MOVEit transfer vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Critical MOVEit transfer vulnerability

A critical vulnerability has been discovered in MOVEit Transfer, a commonly used managed file transfer (MFT) solution developed by Progress Software. This vulnerability allows remote attackers to execute arbitrary code on affected systems. The vulnerability is actively exploited in the...

/ June 2, 2023
FeaturedSecurity

Cybersecurity Threat Advisory: Apple zero-day vulnerability

This week, Apple has released security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. This vulnerability could potentially allow threat actors to bypass...

/ December 15, 2022
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Citrix Zero-Day Vulnerability
FeaturedSecurity

Cybersecurity Threat Advisory: Citrix Zero-Day Vulnerability

Today, Citrix has released a critical security update to address a zero-day vulnerability. Upon a successful exploitation, an unauthenticated remote attacker could perform code execution leading to system takeover. Both Citrix and the NSA stated they are aware of targeted...

/ December 13, 2022
1 2 3 4 5