Sunday, July 14, 2024

Progress Telerik Report Server Flaw Let Attackers Bypass Authentication

A new authentication bypass vulnerability was discovered in the Progress Telerik Report Server. The vulnerability has been assigned CVE-2024-4358, and...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based management interface. This vulnerability could potentially allow authenticated, remote attackers...

Critical Flaw In Confluence Server Let Attackers Execute Arbitrary Code

The widely used team workspace corporate wiki Confluence has been discovered to have a critical remote code execution vulnerability. This vulnerability has been assigned with...

Multiple Vulnerabilities in Honeywell VirtualUOC Let Attackers Execute Remote Code

Team82 has uncovered multiple critical vulnerabilities in Honeywell's ControlEdge Virtual Unit Operations Center (UOC). These vulnerabilities within the EpicMo protocol implementation could potentially allow...

FortiOS & FortiProxy SSL-VPN Flaw Allows IP Spoofing via Malicious Packets

A critical vulnerability has been discovered in Fortinet's FortiOS SSL-VPN and FortiProxy SSL-VPN. The flaw, identified as FG-IR-23-225, allows attackers to spoof IP addresses and...

MITRE Releases EMB3D Cybersecurity Threat Model for Embedded Devices

In collaboration with Red Balloon Security, Narf Industries, and Niyo Little Thunder Pearson, MITRE has unveiled EMB3D, a comprehensive threat model designed to address...

Critical Cacti Vulnerability Let Attackers Execute Remote Code

Cacti, the widely utilized network monitoring tool, has recently issued a critical security update to address a series of vulnerabilities, with the most severe...

Microsoft Edge Zero-Day Vulnerability Exploited in the Wild

A zero-day vulnerability in Microsoft Edge, which has been tagged as CVE-2024-4671, has been aggressively exploited by evil organizations, according to reports. This security flaw...

Passwordless Authentication Standard FIDO2 Flaw Let Attackers Launch MITM Attacks

FIDO2 (Fast Identity Online) is a passwordless authentication method developed by FIDO Alliance to prevent Man-in-the-Middle (MiTM) attacks, phishing attacks, and session hijacking attacks. This...

Hackers Exploiting Vulnerabilities 50% Faster, Within 4.76 Days

Cybersecurity researchers are sounding the alarm that hackers are exploiting software vulnerabilities faster than ever before. A new report from Fortinet found that in...
