Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified in the SonicWall SonicOS management

The Hacker News
#vulnerability#auth#ssl#The Hacker News
FreeBSD Gets €686,400 to Boost Security Features

The funds from Germany's Sovereign Tech Fund will be used to integrate zero-trust capabilities, tools for software bill of materials, and other security features.

The 2024 Threat Landscape State of Play

Talos' Nick Biasini discusses the biggest shifts and trends in the threat landscape so far. We also focus on one state sponsored actor that has been particularly active this year, and talk about why defenders need to be paying closer attention to infostealers.

NIST Cybersecurity Framework (CSF) and CTEM – Better Together

It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm

The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting both Microsoft Windows and Linux systems. "KTLVdoor is a highly obfuscated malware that

OpenSSL Toolkit 3.3.2

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

OpenSSL Toolkit 3.2.3

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

OpenSSL Toolkit 3.1.7

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

OpenSSL Toolkit 3.0.15

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide.

Debian Security Advisory 5764-1

Debian Linux Security Advisory 5764-1 - David Benjamin reported a flaw in the X.509 name checks in OpenSSL, a Secure Sockets Layer toolkit, which may cause an application performing certificate name checks to crash, resulting in denial of service.