Please turn on your JavaScript for this page to function normally.
Juniper Networks
Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591)

Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About …

Ivanti
Ivanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)

Two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti Connect Secure VPN devices are under active exploitation by unknown attackers, Volexity researchers …

Facepalm
“Security researcher” offers to delete data stolen by ransomware attackers

When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as …

cyber threat
Russian hackers target unpatched JetBrains TeamCity servers

Russian state-sponsored hackers have been exploiting CVE-2023-42793 to target unpatched, internet-facing JetBrains TeamCity servers since September 2023, US, UK and Polish …

Sophos
EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now …

Windows 10
Microsoft will offer extended security updates for Windows 10

Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support (EOS) on October 14, 2025: both enterprises and individual consumers will be …

arcserve
PoCs for critical Arcserve UDP vulnerabilities released

Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been …

Splunk
PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised …

Sophos
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been …

lock
From PKI to PQC: Devising a strategy for the transition

Quantum computers capable of breaking currently used encryption algorithms are an inevitability. And since the US, China and Europe are sprinting to win that arms race, we …

Juniper Networks
Juniper networking devices under attack

CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are …

Microsoft introduces new access policies in Entra to boost MFA usage

As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to …

Don't miss

Cybersecurity news