Ivanti Urges Users to Update Endpoint Manager Mobile Endpoint Manager Mobile (EPMM) users are advised to update their mobile device management software to address an actively exploited zero-day vulnerability. Ivanti, the company behind EPMM (formerly MobileIron Core), has issued a warning urging users to install the latest version that includes a fix for the vulnerability.
Read More
Apple Releases Security Updates to Address Vulnerabilities Introduction Apple has recently released a series of security updates for iOS, iPadOS, macOS, tvOS, watchOS, and Safari. These updates aim to fix various security vulnerabilities, including a zero-day bug that is actively being exploited in the wild. Details of the Vulnerabilities One of the vulnerabilities, tracked as
Read More
Atlassian, the software company known for its enterprise collaboration tools, has recently addressed three security flaws in its Confluence Server, Data Center, and Bamboo Data Center products. These vulnerabilities, if successfully exploited, could result in remote code execution on affected systems. The first vulnerability, identified as CVE-2023-22505, is a remote code execution flaw in Confluence
Read More
Summary: The healthcare industry continues to be a prime target for cyberattacks, as demonstrated by the high number of data breaches reported by the U.S. Government’s Office for Civil Rights. This article will highlight the ongoing cybersecurity challenges faced by the healthcare industry. Main Points: – Healthcare industry is frequently targeted for cyberattacks. – U.S.
Read More
h2 Google Messages to Support Message Layer Security Google recently revealed its intention to incorporate support for Message Layer Security (MLS) into its Messages service for Android. MLS is an open-source specification that enables end-to-end encryption for messaging platforms. This move aims to expand encrypted communication capabilities beyond platform limitations. h3 Limitations of Current Messaging
Read More
Zero-Day Vulnerabilities in Atera Software Compromised Vulnerabilities in Windows Installers of Atera Software Zero-day vulnerabilities have been discovered in the Windows Installers for the Atera remote monitoring and management software. These vulnerabilities could potentially be exploited to launch privilege escalation attacks. Flaws Discovered by Mandiant The vulnerabilities were discovered by Mandiant on February 28, 2023.
Read More
Details of OpenSSH Flaw Revealed Recently, details about a flaw in OpenSSH have been unveiled, which, under specific conditions, could allow attackers to remotely run arbitrary commands on compromised hosts. The vulnerability primarily affects OpenSSH’s forwarded ssh-agent. The Vulnerability The flaw was discovered by Qualys, and their analysis states that the vulnerability could enable remote
Read More
used open-source libraries as a gateway to target banking organizations, leveraging the trust associated with them,” the researchers explained. The researchers found that the attackers compromised legitimate open-source libraries and added malicious code to them. When these libraries were used by developers in the banking sector, the malicious code would be executed, allowing the attackers
Read More
Apple Warns it May Stop Offering iMessage and FaceTime in the U.K. Summary: Apple has expressed its resistance to new proposals in the U.K. that aim to expand digital surveillance powers for state intelligence agencies. The company has warned that it would rather stop offering iMessage and FaceTime services in the country than comply with
Read More
h1: Chinese Nation-State Actor Expands Scope of Attack on Microsoft’s Email Infrastructure h2: Key Details – Microsoft’s email infrastructure recently targeted by a Chinese nation-state actor known as Storm-0558. – The attack has a broader scope than initially believed. – Cloud security company Wiz reveals important information about the attack. h2: Extended Scope of the
Read MoreNo products in the cart.