Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Lawo AG vsm LTC Time Sync Path Traversal

Lawo AG vsm LTC Time Sync versions prior to 4.5.6.0 suffer from a path traversal vulnerability.

Packet Storm
#vulnerability#web#windows#microsoft#auth#jira#chrome#ssl
Red Hat Security Advisory 2024-8461-03

Red Hat Security Advisory 2024-8461-03 - An update for krb5 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

My Journey From the Air Force to Cybersecurity

Cybersecurity is mission-driven, meaningful work that coincides with the service branches' goals to protect, defend, and create a safer world.

Researchers Discover Command Injection Flaw in Wi-Fi Alliance's Test Suite

A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC) said the vulnerability, tracked as CVE-2024-41992, said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers. "This flaw allows an unauthenticated local attacker to

Cybersecurity Isn't Easy When You're Trying to Be Green

Renewable energy firms deal with a large cyberattack surface area, given the distributed nature of power generation and more pervasive connectivity.

UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575)

Fortinet and Mandiant investigated the mass exploitation of FortiManager devices via CVE-2024-47575, impacting 50+ systems across industries. Threat…

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats—they're happening across industries and outpacing traditional defense mechanisms.  The solution, however, is not futuristic. It turns out a properly designed identity security platform is able to deliver defenses

SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures

The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making "materially misleading disclosures" related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast, and Unisys – are being penalized for how they handled the disclosure process in the aftermath of

Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations

The Irish data protection watchdog on Thursday fined LinkedIn €310 million ($335 million) for violating the privacy of its users by conducting behavioral analyses of personal data for targeted advertising. "The inquiry examined LinkedIn's processing of personal data for the purposes of behavioral analysis and targeted advertising of users who have created LinkedIn profiles (members)," the Data

Is the Blockchain Secure? Yes, and Here’s Why

Blockchain, known for its role in cybersecurity, fintech, and cryptocurrencies, raises the question: Is it secure? Absolutely! With…