Author: nlqip

Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review the following and apply necessary updates:     Source link lol

Read More

Citrix released security updates to address vulnerabilities in multiple Citrix products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt ffrt…

Read More

Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users. The first Microsoft zero-day this month is CVE-2024-38080, a bug in the Windows Hyper-V component…

Read More

Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.   CISA encourages users and administrators to review the following Adobe Security Bulletins and apply necessary updates:  Security Updates Available for Adobe Premiere Pro | APSB24-46 Security Update…

Read More

Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks. Many networked devices (including switches, routers, and other routing infrastructure) on enterprise and telecommunication networks use the authentication and authorization RADIUS (Remote Authentication Dial-In User Service) protocol, sometimes tens of thousands of…

Read More

MS-ISAC ADVISORY NUMBER: 2024-077 DATE(S) ISSUED: 07/09/2024 OVERVIEW: A vulnerability has been discovered in OpenSSH that could allow for remote code execution. OpenSSH is a suite of secure networking utilities based on the SSH protocol and is crucial for secure communication over unsecured networks. It is widely used in enterprise environments for remote server management,…

Read More

The 138 new CVEs (Common Vulnerabilities and Exposures) is ‘just shy of the record’ for Microsoft’s monthly release of security fixes, writes Trend Micro’s Dustin Childs. Microsoft made fixes available Tuesday for five critical vulnerabilities as part of its July patch release — while disclosing fixes for a near-record number of new CVEs (Common Vulnerabilities…

Read More

Fujitsu confirms that information related to some individuals and customers’ business has been compromised during the data breach detected earlier this year. The Japanese tech giant states that the attack did not involve ransomware but relied on a sophisticated mechanism to evade detection while exfiltrating the details. In March, the company discovered that several of…

Read More

5Critical 132Important 1Moderate 0Low Microsoft addresses 138 CVEs in its July 2024 Patch Tuesday release, with five critical vulnerabilities and three zero-day vulnerabilities, two of which were exploited in the wild. Microsoft released 138 CVEs in July 2024 Patch Tuesday release, with five rated critical, 132 rated important and one rated moderate. Our counts omitted…

Read More

Microsoft has released the KB5040427 cumulative update for Windows 10 21H2 and Windows 10 22H2 with 13 changes, including Microsoft Copilot now behaving like an app, providing more flexibility on how it is displayed. The Windows 10 KB5040427 update is mandatory as it contains  Microsoft’s July 2024 Patch Tuesday security updates, which fix 142 vulnerabilities. Windows users can…

Read More