Category Archives: week in review

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two … Continue reading Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443) Synology has released fixes for an unauthenticated “zero-click” remote … Continue reading Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patching problems: The “return” of a Windows Themes spoofing vulnerability Despite two patching attempts, a security issue that may allow attackers to com… Continue reading Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last couple of days, Fortinet has released critical security… Continue reading Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) Last week, CISA added CVE-2024-23113 – a critical vulnerability that… Continue reading Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 2024 Patch Tuesday, Microsoft has released fixes for 11… Continue reading Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started the month by announcing the release of Windows 11 24H2…. Continue reading Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without reboots Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available… Continue reading Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be… Continue reading Week in review: Critical VMware vCenter Server bugs fixed, Apple releases iOS 18→

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-2024-40711, a critical vulnerability affecting Vee… Continue reading Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days→