Security News

Check Point warns customers to patch VPN vulnerability under active exploitation
2024-06-03 12:02

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
2024-05-30 17:45

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence...

Exploit released for maximum severity Fortinet RCE bug, patch now
2024-05-28 16:16

Security researchers have released a proof-of-concept exploit for a maximum-severity vulnerability in Fortinet's security information and event management solution, which was patched in February.On Tuesday, over three months after Fortinet released security updates to patch this security flaw, Horizon3's Attack Team shared a proof-of-concept exploit and published a technical deep-dive.

5 Patch Management Best Practices for Success in 2024
2024-05-24 10:53

What are some patch management best practices and techniques? Following patch management "Golden rules" such as patching on test machines and organizing rollout beforehand.

Researchers call out QNAP for dragging its heels on patch development
2024-05-20 14:00

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now
2024-05-17 06:43

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on...

May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)
2024-05-14 18:48

For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days actively exploited by attackers. CVE-2024-30051 is a heap-based buffer overflow vulnerability affecting the Windows DWM Core Library that can be exploited to elevate attackers' privileges on a target system.

Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
2024-05-14 17:49

Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days. The total count of 61 flaws does not include 2 Microsoft Edge flaws fixed on May 2nd and four fixed on May 10th. To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5037771 cumulative update and the Windows 10 KB5037768 update.

Apple backports iOS zero-day patch, adds Bluetooth tracker alert
2024-05-14 13:29

Apple has backported the patch for CVE-2024-23296 to the iOS 16 branch and has fixed a bug in MarketplaceKit that may allow maliciously crafted webpages to distribute a script that tracks iOS users on other webpages. The company has also added a new capability to iOS 17 that will alert users if an unknown Bluetooth tracker is "Seen" moving with them.

Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast
2024-05-12 08:00

Veeam fixes RCE flaw in backup management platformVeeam has patched a high-severity vulnerability in Veeam Service Provider Console and is urging customers to implement the patch. May 2024 Patch Tuesday forecast: A reminder of recent threats and impactThe thunderstorms of April patches have passed, and it has been pretty calm leading up to May 2024 Patch Tuesday.