+44 (0)203 88 020 88

Menu

Search

May 2023

Zyxel Patch Critical Buffer Overflow Vulnerabilities

Zyxel firewall and VPN products have been found to contain two critical severity buffer overflow vulnerabilities that could be exploited by unauthenticated attackers. The affected products include ATP, USG FLEX, USG FLEX50(W) and USG20(W)-VPN, VPN, and ZyWall/USG. Zyxel have released a security advisory to inform users of these products about these vulnerabilities, and which patch […]

Zyxel Patch Critical Buffer Overflow Vulnerabilities Read More »

Critical Flaws in D-View Network Management Suite

D-View network management suite, developed by D-Link, has received a security update to patch two critical severity vulnerabilities. D-View can be used to control device configurations, monitor performance, and create network maps, as well as for other administrative network management tasks. These operations require access to devices and network components with high privileges so the

Critical Flaws in D-View Network Management Suite Read More »

Managing Supply Chain Attacks with Cyber Security

Supply chain security is an important but often overlooked step of cyber security risk management. Incidents that affect your suppliers can have as much of a damaging impact on your organisation as a direct attack would. Understanding your supply chain, and the points at which vulnerabilities can be introduced and exploited, is a key step

Managing Supply Chain Attacks with Cyber Security Read More »

Maximum Severity Flaw Patched in GitLab

A vulnerability affecting GitLab Community and Enterprise Editions, has been assigned the highest possible CVSS score of 10.0. GitLab is a web-based Git repository used for remote code management by developers and their teams, with approximately 30 million registered users. GitLab have released an emergency security update to address this critical flaw which they advise

Maximum Severity Flaw Patched in GitLab Read More »

Actively Exploited Flaws Patched in Apple Devices

The latest software updates released by Apple for macOS, iOS, iPadOS, Safari, tvOS, and watchOS contain patches for three zero-day vulnerabilities that are known to be actively exploited in attacks. These vulnerabilities exist within the WebKit browser engine used by Safari, and other macOS and iOS applications. Currently the CVE information about these vulnerabilities is

Actively Exploited Flaws Patched in Apple Devices Read More »

Windows Security Feature Bypass Vulnerability

Attackers are targeting a pair of Windows bugs that can be exploited simply by sending a malicious email to the victim, allowing the attacker to steal the users Windows credentials. A vulnerability in the MSHTML / EdgeHTML component used in Microsoft products such as Internet Explorer (now retired), WebBrowser control, Microsoft Edge, and other legacy applications

Windows Security Feature Bypass Vulnerability Read More »

New Botnet Campaign uses Critical Ruckus Flaw

Researchers at Fortinet have identified a new botnet campaign that utilises a Ruckus remote code execution (RCE) vulnerability to install malware and perform distributed denial of service (DDoS) attacks. This botnet is known as AndoryuBot due to the filename ‘Andoryu’ being used for the malware installed in this attack. It was first seen in attacks

New Botnet Campaign uses Critical Ruckus Flaw Read More »

Linux Kernel Vulnerability Allows Elevation to Root

A vulnerability has been identified in NetFilter, a packet filtering and NAT (Network Address Translation) framework within the Linux kernel. This vulnerability can allow local users to escalate privileges to gain root level access, resulting in complete control over the vulnerable system. Multiple Linux kernel releases are affected by this flaw, including the most recent

Linux Kernel Vulnerability Allows Elevation to Root Read More »

0

No products in the basket.

No products in the basket.