Vulnerabilities Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product Ivanti has patched 20 vulnerabilities in its Avalanche MDM product, including a dozen remote code execution flaws rated critical. Eduard KovacsDecember 21, 2023
ICS/OT Flaws in Delta OT Monitoring Product Can Allow Hackers to Hide Destructive Activities Critical vulnerabilities in a Delta OT monitoring product can allow hackers to hide their destructive activities from the victim. Eduard KovacsDecember 11, 2023
Endpoint Security Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images. Eduard KovacsDecember 6, 2023
ICS/OT 21 Vulnerabilities in Sierra Wireless Routers Could Expose Critical Infrastructure to Attacks Forescout has found 21 vulnerabilities in Sierra Wireless OT/IoT routers that could expose critical infrastructure organizations to remote attacks. Eduard KovacsDecember 6, 2023
Artificial Intelligence Critical Vulnerability Found in Ray AI Framework A critical issue in open source AI framework Ray could provide attackers with operating system access to all nodes. Ionut ArghireNovember 28, 2023
Data Protection Atlassian CISO Urges Quick Action to Protect Confluence Instances From Critical Vulnerability Atlassian warns that a critical vulnerability in Confluence Data Center and Server could lead to significant data loss if exploited. Ionut ArghireOctober 31, 2023
Uncategorized Attackers Exploiting Critical F5 BIG-IP Vulnerability Exploitation of a critical vulnerability (CVE-2023-46747) in F5’s BIG-IP product started less than five days after public disclosure and PoC exploit code was published. Ionut ArghireOctober 31, 2023
Vulnerabilities F5 Warns of Critical Remote Code Execution Vulnerability in BIG-IP A critical-severity vulnerability in F5 BIG-IP CVE-2023-46747 allows unauthenticated attackers to execute code remotely. Ionut ArghireOctober 27, 2023
Malware & Threats Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant. Eduard KovacsOctober 24, 2023
ICS/OT Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks Industrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks. Eduard KovacsOctober 12, 2023
Vulnerabilities In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers. Ionut ArghireSeptember 25, 2023
Vulnerabilities Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems Atos Unify product vulnerabilities could be exploited to cause disruption and reconfigure or backdoor the targeted system. Eduard KovacsSeptember 20, 2023