Unpatched DNS Related Vulnerability Affects a Wide Range of IoT Devices
Cybersecurity researchers have disclosed an unpatched security vulnerability that could pose a serious risk to IoT products. The issue, which was originally reported in...
Tagged: vulnerability
Which Hole to Plug First? Solving Chronic Vulnerability Patching Overload
According to folklore, witches were able to sail in a sieve, a strainer with holes in the bottom. Unfortunately, witches don’t work in cybersecurity...
Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability
Rapid7 security researchers have identified 2,000 internet-exposed Linux servers that appear to be impacted by a Redis vulnerability that has been exploited in attacks....
Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers
Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized...
Everything you need to know to create a Vulnerability Assessment Report
You’ve been asked for a Vulnerability Assessment Report for your organisation and for some of you reading this article, your first thought is likely...
Researchers Report Critical RCE Vulnerability in Google’s VirusTotal Platform
Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The...
Atlassian Patches Critical Authentication Bypass Vulnerability in Jira
Atlassian last week announced that its popular issue and project tracking software Jira is affected by a critical vulnerability, and advised customers to take...
Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability
Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker...
Researcher Releases PoC for Recent Java Cryptographic Vulnerability
A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449...
Unpatched Vulnerability Allows Hackers to Steal Emails of RainLoop Users
An unpatched vulnerability affecting the RainLoop webmail client can be exploited to hijack a user’s session and steal their emails, according to application security...