+84949482065
In late December, GitHub learned through its Bug Bounty program about a vulnerability that allowed access to environment variables in a production container. GitHub.com has been patched and affected credentials…
Researchers from Bishop Fox has observed that nearly 180,000 SonicWall firewalls have not been patched against two stack-based buffer overflow vulnerabilities. SonicWall released advisories with fixes for the vulnerabilities in…
A pair of vulnerabilities in Ivanti Connect Secure and Policy Secure are being actively exploited. There are currently no fixes available for the authentication bypass and command injection vulnerabilities. Ivanti…
HealthEC LLC, “a population health technology company that provides services to other entities,” has reported a data security breach that affects nearly 4.5 million patients. The incident occurred in July…
The LastPass password manager application is now requiring that all master passwords have a minimum length of 12 characters. Although the 12-character minimum has been the LastPass default since 2018,…
The Israel-linked Predatory Sparrow group claimed to have paralyzed around 70% of 33,000 gas stations across Iran in a cyberattack and gained access to payment systems and management servers. More…
Ivanti has fixed 22 vulnerabilities in their Avalanche mobile device management product. More than half of the vulnerabilities are rated critical. The flaws affect all supported versions of Avalanche; users…
Following Broadcom’s acquisition of VMware, perpetual licenses will no longer be an option for VMware customers. Instead, the company is moving to a subscription licensing model. Customers who currently hold…
Four months after the QakBot botnet was disrupted, the QakBot malware is once again being distributed via a phishing campaign. In August, the FBI, along with law enforcement agencies from…
Comcast says that personal information belonging to nearly 36 million Xfinity customers was compromised in a mid-October data security breach. The attackers exploited a known buffer overflow vulnerability that allows…
