+44 (0)203 88 020 88

Menu

Search

February 2023

Citrix Privilege and Access Control Vulnerabilities

Security vulnerabilities have been identified in Citrix Virtual Apps and Desktops, and Citrix Workspace app for Windows and Linux. A total of 4 vulnerabilities have been addressed in the latest updates for these Citrix products which if exploited would allow attackers to perform elevation of privileges and take control of the system. These flaws have […]

Citrix Privilege and Access Control Vulnerabilities Read More »

FortiNAC and FortiWeb Code Execution Flaws Patched

Fortinet has released two security updates to patch two critical severity vulnerabilities across their FortiNAC and FortiWeb products. Fortinet are a cybersecurity company that offer a range of products and solutions to improve the security of their customers. FortiNAC is a zero-trust Network Access Control solution used by organisations to enforce security policies, detect and

FortiNAC and FortiWeb Code Execution Flaws Patched Read More »

Microsoft Patch Critical and Zero-Day Vulnerabilities

Microsoft have warned users of four new critical severity vulnerabilities in their products that could result in remote code execution (RCE). These flaws with a CVSS base score of 9.8/10 were patched in this week’s patch Tuesday update along with other RCE flaws, and three high severity zero-day vulnerabilities with publicly disclosed exploits. Microsoft have

Microsoft Patch Critical and Zero-Day Vulnerabilities Read More »

Emergency Updates Released to Patch Apple Zero-Day

A zero-day vulnerability has been identified in some versions of iOS, iPadsOS, macOS, and Safari. Apple have confirmed they are aware of reports of this vulnerability being actively exploited in the wild. Emergency security updates have been released this week to patch this vulnerability as soon as possible across all affected devices. Apple publish all

Emergency Updates Released to Patch Apple Zero-Day Read More »

Google Ads Spread Detection Evading Malware

Cyber criminals are abusing the Google Ads system to spread malware in what is known as ‘malvertising’ attacks. As the Google Ads display first before the search results, victims can be conned into clicking onto a fake site when searching for software via Google’s search engine. The malicious websites are designed to impersonate legitimate websites,

Google Ads Spread Detection Evading Malware Read More »

Jira Service Management Authentication Vulnerability

A broken authentication vulnerability has been identified in Jira Service Management Server and Data Center versions after 5.3.0. Atlassian Support have published a security advisory to inform users of this vulnerability, which they have rated as critical severity, with a CVSS base score of 9.4. Versions of Jira Service Management Server and Data Center affected

Jira Service Management Authentication Vulnerability Read More »

Critical Code Injection Flaw on QNAP NAS Devices

QNAP have released a security advisory this week to warn users of a critical severity vulnerability affecting operating system versions QTS 5.0.1 and QuTS hero h5.0.1. Firmware updates for the affected systems have been released, which can be downloaded for supported NAS models to patch this flaw. Users of affected systems should update their devices

Critical Code Injection Flaw on QNAP NAS Devices Read More »

VMware Patch Remote Code Execution Vulnerabilities

Multiple vulnerabilities have been patched in a new update for VMware vRealize Log Insight last week, some of which can be chained into an attack that results in remote code execution on unpatched systems. VMware vRealize Log Insight is an administrative tool for log analysis and infrastructure management also known as VMware Aria Operations for

VMware Patch Remote Code Execution Vulnerabilities Read More »

0

No products in the basket.

No products in the basket.