+84949482065
On Sunday, January 26, New York Blood Center Enterprises (NYBCe) detected suspicious activity on their IT systems; third-party investigators confirmed the incident was ransomware. NYBCe provides blood products to more…
The South African Weather Service (SAWS), South Africa’s government-operated weather service, has been disrupted by a cyberattack. SAWS is a critical service for the country’s transportation and agricultural sectors as…
Sam Curry and Shubham Shah have released a report demonstrating a now-patched vulnerability in Starlink, Subaru's multipurpose onboard services system, that would have allowed an attacker to remotely manipulate any…
Researchers from the University of Florida and North Carolina State University have identified nearly 120 vulnerabilities in the LTE / 5G core infrastructure. The flaws affect seven LTE implementations and…
Microsoft has published a reminder that driver synchronization updates via Windows Server Update Services (WSUS) will be deprecated as of April 18, 2025. Microsoft initially announced the deprecation in June…
On Tuesday, January 21, Oracle released their quarterly Critical Patch Update. The release addresses more than 300 vulnerabilities across Oracle’s product and service lines. Among the vulnerabilities fixed in the…
On Wednesday, January 22, Cisco released updates to address three vulnerabilities: a critical privilege elevation issue in the REST API of Cisco Meeting Management; a high-severity denial-of-service vulnerability in the…
According to data gathered by the Shadowserver Foundation, 48,457 Fortinet FortiGate firewalls remain unpatched against a known authentication bypass vulnerability. The vulnerability was disclosed earlier this month; Fortinet released an…
On January 17, the US Cybersecurity & Infrastructure Security Agency (CISA) and the FBI published version 2.0 of "Product Security Bad Practices," revised to include information from 78 suggestions received…
Silverfort researchers revealed a bypass for Microsoft's Active Directory Group Policy disabling NTLMv1, exploiting a misconfigured Netlogon Remote Protocol setting. Despite policy restrictions, applications can re-enable NTLMv1, risking relay attacks.…
