Trusted Cyber Security Experts
25+ Years Industry Experience
Ethical, Professional & Pragmatic
Palo Alto Networks PAN-OS RCE Vulnerability (CVE-2024-5910)
Palo Alto Networks has issued an urgent advisory to its customers, highlighting a potential remote code execution (RCE) vulnerability within the PAN-OS management interface. The cybersecurity firm advises organisations to
Critical VMware vCenter Server Vulnerability (CVE-2024-38812) Poses Serious Risk
The CVE-2024-38812 vulnerability is a critical flaw that exposes VMware vCenter Servers to serious security risks, including remote code execution and full system compromise. Organisations using VMware’s virtualisation tools must
Critical Microsoft SharePoint Vulnerability (CVE-2024-38094) Creates Remote Code Execution Threat
The recently disclosed vulnerability, CVE-2024-38094, in Microsoft SharePoint presents a significant threat to organisations by allowing attackers to execute remote code on compromised servers. This flaw stems from improper input
Nation-State Attackers Exploiting Critical Infrastructure: A Growing Threat
Nation-state cyberattacks on critical infrastructure are becoming increasingly sophisticated and destructive, as highlighted by recent reports. In October 2024, attackers began exploiting vulnerabilities in Ivanti software used by critical sectors,
Apple Patches VoiceOver Bug That Could Read Passwords Aloud
Apple has recently addressed a significant vulnerability in its VoiceOver feature that raised privacy concerns for iPhone and iPad users. The flaw, identified as CVE-2024-44204, allowed the VoiceOver accessibility tool
Latest Snapekit Rootkit Poses Threat to Arch Linux Users
A newly discovered rootkit known as “Snapekit” has emerged, posing a significant risk to users of Arch Linux systems, particularly those running the 6.10.2-arch1-1 kernel. According to reports from multiple
Cyber Essentials – What’s Changed in the Latest Willow Question Set?
Recently, IASME has introduced their latest Willow question set for the NCSC Cyber Essentials Self-Assessment Certification, which will replace the current (Montpelier) questions on the 28th April, 2025. The updates
NVIDIA Vulnerability CVE-2024-0132: A Deep Dive into the Threat and Mitigation
In September 2024, NVIDIA disclosed a critical security flaw, CVE-2024-0132, affecting its NVIDIA Container Toolkit. This vulnerability has sent shockwaves through the IT and cybersecurity communities due to its severity
Meta Fined €91 Million for Failing to Properly Protect User Passwords
Meta, the parent company of Facebook and Instagram, has been hit with a significant €91 million (£79 million) fine by Ireland’s Data Protection Commission (DPC) after an investigation revealed serious
WinRAR Remote Code Execution Flaw Patched
A high severity vulnerability has been found in RARLAB’s popular Windows file archiver WinRAR. Security researchers at the Zero Day Initiative who first identified this vulnerability in June have published
Stack-Based Buffer Overflows in Ivanti Avalanche
Multiple stack-based buffer overflows have been identified in Ivanti Avalanche, tracked as a single vulnerability with a critical severity rating and CVSS base score of 9.8/10. Ivanti Avalanche is an
Microsoft Teams Used in Social Engineering Attacks
Highly targeted phishing attacks have been carried out by the threat actor Midnight Blizzard, previously known as NOBELIUM, via Microsoft Teams. These attacks targeted a range of organisations including government
Subscribe to our monthly newsletter today
If you’d like to stay up-to-date with the latest cyber security news and articles from our technical team, you can sign up to our monthly newsletter.
We hate spam as much as you do, so we promise not to bombard you with emails. We’ll send you a single, curated email each month that contains all of our cyber security news and articles for that month.