critical - Security World Trend Now

Rockwell Automation Issues Urgent Alert to Customers on Critical Cisco Zero-Day Vulnerability Impacting Stratix Switches

Patel Maya1 year ago012 mins

Rockwell Automation Warns Customers of Cisco Zero-Day Affecting Stratix Switches Overview Rockwell Automation, a leading industrial automation company, has issued a warning to its customers about the impact of a recently discovered zero-day vulnerability in Cisco IOS XE, a popular operating system used in their Stratix industrial switches. The vulnerability, tracked as CVE-2023-20198, allows hackers…

Government and Tech Firms Under Siege: Exploiting the Critical Citrix NetScaler Flaw

Morgan Sarah1 year ago09 mins

The IT Professional’s Blueprint for Compliance Securing the Digital Frontier: A Balancing Act In today’s interconnected world, where cyberattacks are not just a possibility but a stark reality, the burden of ensuring data security rests heavily upon the shoulders of IT professionals. They must navigate a complex landscape of ever-evolving threats, while adhering to a…

Patch Confusion: Tackling the Critical Exim Bug to Secure Email Servers

Nguyen Michael2 years ago09 mins

Disorderly Disclosure Process for Exim Vulnerabilities Raises Concerns An Overview of the Vulnerabilities and Patch Release Last week, a disorderly disclosure process led to the release of information on six vulnerabilities in the Exim mail transfer agent. The maintainers of Exim released patches for these vulnerabilities five days after the information was disclosed. Among the…

Move Over, MOVEit: WS_FTP Software Faces a Critical Progress Bug

Patel Maya2 years ago08 mins

Recent Vulnerabilities in Progress Software‘s File-Transfer Products Raise Concerns Introduction Once again, Progress Software‘s enterprise security teams are facing the urgent task of protecting organizations against critical vulnerabilities in their file-transfer software. This time, the vulnerabilities affect the widely used WS_FTP file transfer product, which is utilized by approximately 40 million people. The most severe…

Critical Vulnerabilities Patched: Strengthening Browser Security in Firefox and Chrome

Reynolds Alex2 years ago09 mins

Vulnerabilities High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome Mozilla and Google have released stable updates for the Firefox and Chrome browsers to address several high-severity memory corruption vulnerabilities. The updates include patches for various vulnerabilities, including those that could lead to potentially exploitable crashes and heap buffer overflows. Both companies have emphasized the importance…

Critical Vulnerabilities in Juniper Switches and Firewalls Enable Remote Code Execution

Nguyen Michael2 years ago09 mins

Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution Overview Networking appliances manufacturer, Juniper Networks, has recently announced the release of patches for four vulnerabilities found in the J-Web interface of Junos OS. These vulnerabilities can be chained together and potentially exploited by unauthenticated, remote attackers to achieve remote code execution….

The Imperative to Safeguard 6 Critical Attack Surfaces

Patel Maya2 years ago011 mins

Cybersecurity: Safeguarding the Six Main Attack Surfaces Greater connectivity and enhanced digital operations have revolutionized the business landscape, offering numerous benefits. However, along with these advancements comes a need to defend against a broader and more dynamic range of cyber threats. While basic security hygiene can mitigate around 98% of cyberattacks, according to the Microsoft…

MOVEit Customers Warned of Third Critical Vulnerability, Urged to Patch Immediately

Emma Thompson2 years ago08 mins

Vulnerabilities in MOVEit Software Expose Customers to Unauthenticated Attacks The Latest Vulnerability Progress Software, the company behind the MOVEit file transfer software, has recently disclosed a third critical vulnerability in less than a month. Tracked as CVE-2023-35708, this vulnerability is an SQL injection flaw that could allow unauthenticated attackers to gain unauthorized access to the…

“Fortinet’s Response: Fixing the Critical FortiGate SSL VPN Vulnerability”

Nguyen Michael2 years ago07 mins

Fortinet has recently fixed a major vulnerability in FortiGate SSL VPN, tracked as CVE-2023-27997. The vulnerability was reported by French cybersecurity firm Lexfo and was discovered to allow remote code execution by an unauthenticated attacker. The risk associated with such critical vulnerabilities is grave, as several cyber adversaries, including cyberspies and cybercriminals, exploit them before…

“Unveiling the Vulnerabilities of AMD’s fTPM: A Critical Security Flaw”

Morgan Sarah2 years ago06 mins

AMD‘s Trusted Platform Module (TPM) has been found to be vulnerable, according to a report released on May 3, 2023, by researchers at the Technical University of Berlin. This revelation has implications for internet security because while TPMs were originally designed as discrete components physically attached to the motherboard to generate hardware-based encryption, they were…