CVE-2024-3400: Palo Alto Vulnerabilities in GlobalProtect Gateway Lead to RCE
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
Read MoreCVE-2024-3094: xz-utils (liblzma) Backdoor
The xz-utils package, versions 5.6.0 and 5.6.2, has been identified as containing a backdoor vulnerability. The vulnerability is the result of a compromised library dependency, liblzma5 package. The presence of the backdoor potentially enables unauthorized access to affected systems through the manipulation of the sshd authentication process. Red Hat has assigned the identifier CVE-2024-3094 for this issue.
Read MoreCVE-2023-48788 – FortiClientEMS Pervasive SQL injection in DAS component
Learn about the critical SQL injection flaw in FortiClientEMS and how to mitigate the risk.
Read MoreThe Hedgehog Defense #2: Defend Against Automatically Mounted Disk Images
Learn how threat actors abuse a default Windows feature to trick users into running malicious software and what you can do to protect your environment.
Read MoreBlumira Awarded 2024 TMCnet Remote Work Pioneer Award
Blumira has been named as a 2024 winner of the TMCnet Remote Work Pioneer Award, which honors companies whose software supports remote work.
Read More5 Ways to Counteract Increasing Cyber Insurance Rates
Cyber insurance premiums are skyrocketing. Learn five ways to proactively strengthen security, reduce risks, and lower costs to obtain affordable coverage.
Read MoreCritical ScreenConnect Vulnerabilities Allow Remote Code Execution
Two critical vulnerabilities identified in ScreenConnect web server instances that could lead to remote code execution. Patch immediately!
Read More4 Cyberattacks on State/Local Government and What We Can Learn from Them
Overview of 4 recent government cyberattacks supplemented with analysis of the respective situations, and lessons learned from each instance.
Read MoreDemystifying NIST CSF: A Guide to Small Business Cybersecurity
Learn how the NIST Cybersecurity Framework can help small businesses leverage the framework to reduce risk.
Read MoreFortinet Vulnerabilities in FortiOS sslvpnd and fgfmd Lead to RCE
Fortinet details two new, critical vulnerabilities that result in remote code execution. Patch immediately!
Read More