Collaborate Disseminate
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution fl… Continue reading Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
Here’s a look at the most interesting products from the past month, featuring releases from: Absolute, anecdotes, ArmorCode, Binarly, Bitdefender, Druva, F5 Networks, Gcore, Guardsquare, Huntress, Ketch, LOKKER, Malwarebytes, NETGEAR, Nudge Security, P… Continue reading Infosec products of the month: September 2024
After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, un… Continue reading CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE
Tenable launched Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped. Backed by Tenable Security Center, Tenable Enclave Security p… Continue reading Tenable Enclave Security enables discovery, assessment and analysis of IT assets
Here’s a look at the most interesting products from the past week, featuring releases from Druva, Huntress, Ketch, LOKKER, Tenable, Trellix, and Wing Security. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins Tenab… Continue reading New infosec products of the week: September 13, 2024
Tenable released AI Aware, advanced detection capabilities designed to surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management. Tenable AI Aware provides exposure insight into AI applicati… Continue reading Tenable AI Aware provides exposure insight into AI applications, libraries and plugins
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (CVE… Continue reading Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
The internet-facing assets were found to be susceptible to potential exploitation in a sample of 90 banking and financial services organisations. Continue reading Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks
Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB, t… Continue reading Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)
August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly known. The zero-days under attack CVE-2024-38178 is a Scripting Engine Memory … Continue reading Microsoft fixes 6 zero-days under active attack