Tag: vulnerability

Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Exploited Microsoft zero-day flaw

Cybersecurity Threat Advisory: Exploited Microsoft zero-day flaw

The hacker group Lazarus recently exploited a patched, zero-day flaw in Microsoft Windows. The vulnerability, tracked as CVE-2024-38193 with a CVSS score of 7.8, is a Bring Your Own Vulnerable Driver (BYOVD) vulnerability for Winsock. Continue reading this Cybersecurity Threat...

/ August 21, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Critical Exim Mail Server vulnerability

Cybersecurity Threat Advisory: Critical Exim Mail Server vulnerability

A critical vulnerability known as CVE-2024-39929 has been identified in Exim Mail Server, impacting versions 4.87 to 4.95.1. This vulnerability enables attackers to bypass security filters, posing a significant risk to email communications and the security of over 15 million...

/ July 17, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: RCE vulnerability in Ghostscript

Cybersecurity Threat Advisory: RCE vulnerability in Ghostscript

A Ghostscript remote code execution (RCE) vulnerability, tracked as CVE-2024-29510 (with a CVSS rating of 5.5), is currently being exploited. This exploit can allow attackers to bypass the -dSAFER sandbox and execute code remotely. Review this Cybersecurity Threat Advisory to...

/ July 9, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Foxit PDF Reader vulnerability

Cybersecurity Threat Advisory: Foxit PDF Reader vulnerability

A critical Foxit PDF Reader vulnerability are generating unusual pattern of behaviors. This exploit triggers security warnings designed to deceive users to execute harmful commands. Read this Cybersecurity Threat Advisory to learn recommendations to minimize your risks. What is the...

/ May 23, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: R programming vulnerability

Cybersecurity Threat Advisory: R programming vulnerability

A critical security flaw known as CVE-2024-27322 with a CVSS score of 8.8, has been discovered within the R programming language. Attackers can craft malicious RDS files or R packages that embed arbitrary R code. Barracuda MSP recommends reading this...

/ May 2, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: New vulnerability in Apple M-chip

Cybersecurity Threat Advisory: New vulnerability in Apple M-chip

A new security exploit, GoFetch, was found in Apple’s M-chip architecture. It takes advantage of data memory-dependent prefetchers (DMPs) and could use the device as a new attack vector. Continue reading this Cybersecurity Threat Advisory to learn how you can...

/ March 27, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: Glibc root access vulnerability

Cybersecurity Threat Advisory: Glibc root access vulnerability

A critical security flaw in the GNU C Library (glibc) has been disclosed, tracked as CVE-2023-6246. It allows malicious attackers to gain full root access on Linux machines. Read this Cybersecurity Threat Advisory to learn how to mitigate the risks...

/ February 1, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability

Cybersecurity Threat Advisory: High-severity WebRTC vulnerability

A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive...

/ January 10, 2024
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: VMware critical code vulnerability

Cybersecurity Threat Advisory: VMware critical code vulnerability

VMware has published a security advisory regarding a critical out-of-bounds write vulnerability (CVE-2023-34048) that has been fixed in the latest updates by VMware. The vulnerability shared in this Cybersecurity Threat Advisory has received a critical severity rating by VMware. It...

/ November 1, 2023
Cybersecurity Threat Advisory
Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered

Cybersecurity Threat Advisory: 3 High-severity CISCO vulnerabilities discovered

In the latest Cybersecurity Threat Advisory, Cisco has addressed three high-severity vulnerabilities within its NX-OS and FXOS software, which have the potential to trigger denial-of-service (DoS) conditions. These vulnerabilities could be exploited by malicious actors to disrupt the normal functioning...

/ August 29, 2023