Urgent Security Breach in GitLab: Immediate Action Required TLP: CLEAR
In today's world, network security is more critical than ever. Unfortunately, vulnerabilities such as CVE-2022-39952 can lead to severe consequences. This vulnerability affects Fortinet FortiNAC, a leading network access control solution, and allows attackers to execute arbitrary commands as an administrator on the affected system. Let's take a...
Introduction: Windows NTLM is a commonly used authentication protocol for Windows networks. However, a recent proof of concept (POC) has demonstrated a serious vulnerability in the protocol that could allow attackers to escalate their privileges and gain unauthorized access to sensitive information. This vulnerability, known as CVE-2023-21746, is...
The year 2023 is here, and with it comes a new set of cyber threats that organizations will need to be aware of and prepared for. While it is difficult to predict with certainty what the threat landscape will look like in 2023, based on current trends and developments, there are several key areas of concern that organizations should be aware of.
Overview This blog post discusses the recent vulnerability discovered in Sudo, a popular Linux command-line utility, that allows attackers to gain root privileges. The vulnerability, designated as CVE-2023-22809, affects all versions of Sudo prior to 1.9.6p1. The blog post explains how the vulnerability works, and how an attacker can exploit it....
On January 20th, security researchers discovered that exploit code for a remote code execution (RCE) vulnerability in ManageEngine's Desktop Central had been published online. This means that attackers may now have the means to take control of systems that are vulnerable to this exploit.