A high severity SQL injection vulnerability has been patched in recent updates for Zoho ManageEngine products Password Manager Pro, PAM360, and Access Manager Plus. The software provider released a security advisory for this vulnerability where they advised customers of all three affected products to upgrade to the latest versions immediately due to the severity of […]
High Severity Vulnerability in ManageEngine Products Read More »
A recently discovered vulnerability in Synology routers configured to run as VPN servers has been given a critical severity rating and the maximum CVSS score of 10/10. Synology is a global data management and security company specialising in network attached storage (NAS) and storage area network (SAN) devices. Synology Router Manager (SRM) is the operating
Critical Vulnerability in Synology Router VPN Servers Read More »
A zero-day vulnerability has been identified in the Cisco Discovery Protocol processing feature of Cisco IP Phone series 7800 and 8800 firmware. Although a security advisory has been released by Cisco that discloses this high severity flaw, they have not yet released an update to patch it. An update is due to be released in
Cisco IP Phone Zero-Day Vulnerability Disclosed Read More »
A security update for December has been released by Google for Android that addresses 4 critical severity vulnerabilities. An additional 16 critical flaws have been patched in a Pixel update that has been released for Google Pixel devices. These 16 additional vulnerabilities patched are elevation of privilege flaws found in Pixel firmware, and LDFW, TF-A,
Android Update Patches Critical Vulnerabilities Read More »
Apple have released updates across their macOS platforms to address a vulnerability known as ‘Achilles’ that could allow malicious downloaded apps to bypass Gatekeeper security checks. A patch for this vulnerability was released in a security update last week, which can be found in macOS Ventura 13.1, macOS Monterey 12.6.2, and macOS Big Sur 11.7.2.
Apple MacOS Vulnerability Allows Gatekeeper Bypass Read More »
A critical zero-day vulnerability has been confirmed to be actively exploited by state-backed attackers to gain access to corporate networks. The National Security Agency (NSA), a branch of the US Government, have released a cybersecurity advisory to help organisations detect and mitigate attacks that exploit this vulnerability. Products affected by this flaw are Citrix ADC
Citrix Zero-Day Vulnerability Actively Exploited Read More »
A critical vulnerability in FortiOS SSL-VPN has been confirmed to be exploited in the wild by Fortinet. FortiGuard Labs, the threat and research branch of Fortinet, have published a security advisory this week warning users to immediately validate their systems against the list of indicators of compromise (IoC) which can be found in the security
Critical RCE Vulnerability Exploited in FortiOS Read More »
An update for NVIDIA GPU Display Driver was recently released, addressing 26 different security vulnerabilities, eight of which are considered high-severity flaws with a CVSS base score of between 7.1 and 8.8. Four vulnerabilities were also patched in the NVIDIA VGPU Software, 3 of which were also high-severity flaws. Last week, the Cisco Talos Intelligence
High Severity NVIDIA Driver Vulnerabilities Patched Read More »
High severity zero-day vulnerability has been found in Google Chrome for Desktop, causing Google to release their ninth emergency update so far this year to patch it. Users of Chrome on Windows, Mac, and Linux should update to the latest version of this browser, which is version 108.0.5359.94 for Mac and Linux, and version(s) 108.0.5359.94/.95
New Exploited Google Chrome Zero-Day Vulnerability Read More »
Three Android apps with over 2 million combined downloads have been found to have critical vulnerabilities that could result in remote code execution. These applications, Lazy Mouse, Telepad, and PC Keyboard, act as a remote keyboard or mouse for a desktop or laptop computer from the Android device they are installed on. Seven different vulnerabilities
Remote Code Execution Flaws in Keyboard Apps Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.