Please turn on your JavaScript for this page to function normally.
VPN
Researchers reveal exploitable flaws in corporate VPN clients

Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be …

ransomware
GoZone ransomware accuses and threatens victims

A new ransomware dubbed GoZone is being leveraged by attackers that don’t seem to be very greedy: they are asking the victims to pay just $1,000 in Bitcoin if they want …

American Water
American Water shuts down systems after cyberattack

American Water, the largest water and wastewater utility company in the US, has shut down some of its systems following a cyberattack. While the company confirmed that none of …

SonicWall
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting …

SonicWall
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)

SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific …

black hat
Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32

I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security …

Apache OFBiz
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)

CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute …

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)

A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows “is more severe than it initially appeared,” according to SonicWall’s …

HNS
SonicWall launches Cloud Secure Edge, suitable for any stage of cloud migration

SonicWall launched Cloud Secure Edge (CSE), offering an innovative suite of Zero Trust Access offerings designed specifically for MSPs who are meeting customers with …

Atlassian Confluence
High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683)

If you’re self-hosting an Atlassian Confluence Server or Data Center installation, you should upgrade to the latest available version to fix a high-severity RCE flaw …

Patch Tuesday
Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)

On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked …

connections
MSPs undergo transformation in response to persistent cyber threats

Organizations are increasingly turning to Managed Service Providers (MSPs) to alleviate pressure on IT departments, according to SonicWall. Managed services have emerged as a …

Don't miss

Cybersecurity news