Cloud outage just in time for the holidays
Thousands of sites down! Why the hell did they move to the cloud if this is to reproduce the same mistakes as on premises! The cloud allows having many availability…
Proposed legislation in the UK would establish mandatory security standards for Internet of Things (IoT) devices. The Product Security and Telecommunications Infrastructure Bill would apply to IoT manufacturers, importers, and…
The FBI has issued a Flash Alert warning of an actively exploited 0-day in FatPipe WARP, MPVPN, and IPVPN Software. An unknown threat actor has been exploiting the flaw in…
An audit of government IT operations in Palo Alto, Calif., found a lack of risk management and incident response policies, issues that local leaders voted to remedy. Other challenges found…
Mozilla has released security updates to address a vulnerability in Network Security Services (NSS). An attacker could exploit this vulnerability to take control of an affected system. Ref https://www.mozilla.org/en-US/security/advisories/mfsa2021-51/
CVE-2021-44077 is an unauthenticated remote code execution vulnerability that affects all ServiceDesk Plus versions up to, and including, version 11305. More https://us-cert.cisa.gov/ncas/alerts/aa21-336a
We already have 18,124 CVEs as of December 1, 2021. More detail https://www.cvedetails.com/browse-by-date.php
In the wazuh-slack active response script in Wazuh before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. Ref https://github.com/wazuh/wazuh/issues/10858
IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of CSV file contents. Read here https://www.ibm.com/support/pages/node/6517470
This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends that customers upgrade at the…