Spring Expression DoS Vulnerability
In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression…
University of California San Diego (UCSD) Health has begun notifying patients that their personal data were compromised because a vendor used pixel-tracking technology on patient-facing websites. UCSD Health is one…
The US Cybersecurity and Infrastructure Security Agency (CISA) has released its open source "Untitled Goose Tool," which “offers novel authentication and data gathering methods for network defenders to use as…
The REF2924 threat cluster was observed dropping a previously unseen malware, dubbed NAPLISTENER, on entities in Southeast and South Asia. The malware evades “network-based forms of detection.” More information here: https://www.elastic.co/security-labs/naplistener-more-bad-dreams-from-the-developers-of-siestagraph
The failure of Silicon Valley Bank (SVB) and Signature Bank this weekend left many of the bank's customers with questions as to how to communicate with the bank, or how…
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog: a remote code execution flaw in Plex Media Server and a…
Cloud cybersecurity experts from Wiz have detected a website hijacking campaign that uses stolen FTP (file transfer protocol) credentials to redirect users to websites of the attackers’ choosing. The campaign…
A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual…
An external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through…
Docker is one of the most common container technologies in enterprise environments. Therefore, the CIS is providing benchmark tests for configuration compliance in Docker environments which are intended for system…