CVSS 4.0 released, allows consumers assess real-time threat and impact
FIRST has unveiled the latest version of its Common Vulnerability Scoring System (CVSS 4.0). Critical in the interface between supplier and consumer, CVSS provides a…
Latest Cybersecurity News — Page 5395
View all →
SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products
SonicWall on Wednesday announced patches for 15 vulnerabilities in its Global Management System (GMS) and Analytics products, including four critical-severity issues. GMS is a web-based…
6 Actively Exploited Zero-Days and 132 Flaws Patched
A total of 132 new security flaws in Microsoft’s products were patched, including six zero-day issues that the company claimed were being actively used in the…
SonicWall Critical Flaws Let Attackers Bypass Authentication
SonicWall has recently published a security notice in which 15 vulnerabilities were fixed. CVEs for these vulnerabilities have been published, and patches for 4 Critical,…
Zoom Security Flaws let Attackers Escalate Privileges
Zoom has released security patches for 6 high and 1 low severity vulnerabilities, allowing threat actors to escalate privileges and disclose sensitive information. The CVSS…
Citrix Secure Access Client Flaw Let Attackers Execute Remote Code
Citrix has released security advisories for critical and high-severity vulnerabilities, which could allow threat actors to escalate their privileges if they have access to an…
Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks
Jul 13, 2023THNOT/ICS, SCADA Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP (ENIP)…
BT, Sky, TalkTalk, Three and Virgin Media commit to curbing telco supply chain GHG emissions
Several of the UK’s largest comms providers are collaborating on a sustainability initiative that is geared towards curbing telco supply chain’s greenhouse gas emissions (GHG).…
8BASE Ransomware Group Adds 7 New Organizations As Victims
The 8BASE ransomware group has claimed responsibility for attacking seven new victims and listing them on their dark web portal. The affected companies include The…
Stealthy Universal Rootkit Let Attacker Load Payload Directly
A self-signed China-originated Rootkit acts as a universal downloader targeting gaming sectors to exfiltrate sensitive information. The threat actors abuse Microsoft signing portals to sign…
Hackers Actively Exploit Unpatched Office Zero-Day Flaws in the Wild
Storm-0978, a threat actor, actively targeted European and North American defense and government entities in a phishing campaign. Exploiting CVE-2023-36884, the campaign used Word documents…
APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure
An unnamed advanced persistent threat (APT) group has set its sights on two Rockwell Automation product vulnerabilities that they could use to cause disruption or…