Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

Building Cyber Resilience in SMBs ​With ​Limited Resources

​​​With careful planning, ongoing evaluation, and a commitment to treat cybersecurity as a core business function, SMBs can transform their vulnerabilities into strengths​​.

DARKReading
#vulnerability#dos#git#intel#samba#auth#ibm#ssl
Red Hat Security Advisory 2024-7599-03

Red Hat Security Advisory 2024-7599-03 - Red Hat OpenShift Container Platform release 4.16.16 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, integer overflow, and out of bounds write vulnerabilities.

Your IT Systems Are Being Attacked. Are You Prepared?

Company leadership needs to ensure technology teams are managing continuous monitoring, automated testing, and alignment with business needs across their enterprise.

Stealthy Malware Has Infected Thousands of Linux Systems for Years

Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities.

ManageEngine ADManager 7183 Password Hash Disclosure

ManageEngine ADManager version 7183 suffers from a password hash disclosure vulnerability.

How Cloud-Based Solutions Are Transforming Software Quality Assurance

Cloud-based solutions are transforming the software quality assurance (QA) industry. As organizations increasingly migrate their development and verification…

How This Video Game Controller Became the US Military’s Weapon of Choice

After decades of relying on buttons, switches, and toggles, the Pentagon has embraced simple, ergonomic video-game-style controllers already familiar to millions of potential recruits.

Debian Security Advisory 5781-1

Debian Linux Security Advisory 5781-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

Acronis Cyber Infrastructure Default Password Remote Code Execution

Acronis Cyber Infrastructure (ACI) is an IT infrastructure solution that provides storage, compute, and network resources. Businesses and Service Providers are using it for data storage, backup storage, creating and managing virtual machines and software-defined networks, running cloud-native applications in production environments. This Metasploit module exploits a default password vulnerability in ACI which allow an attacker to access the ACI PostgreSQL database and gain administrative access to the ACI Web Portal. This opens the door for the attacker to upload SSH keys that enables root access to the appliance/server. This attack can be remotely executed over the WAN as long as the PostgreSQL and SSH services are exposed to the outside world. ACI versions 5.0 before build 5.0.1-61, 5.1 before build 5.1.1-71, 5.2 before build 5.2.1-69, 5.3 before build 5.3.1-53, and 5.4 before build 5.4.4-132 are vulnerable.