A data center is the technological hub of modern enterprise operations. The data center provides the critical IT infrastructure needed to deliver resources and services to business employees, partners and customers around the world. A small or midsize business can often implement a useful “data center” within the confines of a closet or other convenient […]
CISA confirmed active exploitation of a critical remote code execution (RCE) bug in Fortinet’s FortiOS, urging immediate security updates or SSL VPN disabling to mitigate the risk.
Feb 09, 2024NewsroomZero Day Vulnerability / Network Security Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. “A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a […]
Google fixed an Android critical remote code execution flaw Pierluigi Paganini February 06, 2024 Google released Android ’s February 2024 security patches to address 46 vulnerabilities, including a critical remote code execution issue. Google released Android February 2024 security patches to address 46 vulnerabilities, including a critical remote code execution flaw tracked as CVE-2024-0031. The […]
Critical shim bug impacts every Linux boot loader signed in the past decade Pierluigi Paganini February 07, 2024 The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution. The maintainers of ‘shim’ addressed six vulnerabilities with the release of version 15.8. The most severe of these […]
Canon has patched seven critical buffer-overflow bugs affecting its small office multifunction printers and laser printers. Tracked as CVE-2023-6229 through CVE-2023-6234 (plus CVE-2024-0244), they affect different processes common across Canon’s product lines – the username or password process involved with authenticating mobile devices, for example, the Service Location Protocol (SLP) attribute request process, and more. […]
Feb 07, 2024NewsroomCybersecurity / Software Security JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over susceptible instances. The vulnerability, tracked as CVE-2024-23917, carries a CVSS rating of 9.8 out of 10, indicative of its […]
The FortiSIEM product from Fortinet has been found to have two new critical vulnerabilities, CVE-2024-23108 and CVE-2024-23109, which allow for remote code execution by unauthenticated attackers.
Mastodon users and administrators need to upgrade to the latest version to patch a critical vulnerability (CVE-2024-23832) that allows attackers to take over accounts remotely.