Windows servers running Microsoft Office Online Server can be exploited to achieve server-side request forgery (SSRF) and thereafter remote code execution (RCE) on the host, according...
Hidden DNS (domain name system) resolvers create a means for carrying out email redirection and account takeover attacks, security researchers warn. In a technical blog post,...
So-called ‘cloud native’ IT architectures are creating new threats for organizations, just as they look to update their technology infrastructure, security researchers have warned. Over half...
A recently resolved vulnerability in Sophos Firewall has been abused by attackers in targeted attacks, the vendor warns. The critical vulnerability (CVE-2022-3236) poses a remote code execution (RCE) risk. Sophos...
Multiple vulnerabilities in the WAPPLES web application firewall (WAF) created a means to commandeer vulnerable devices and run arbitrary commands, a researcher warns. Another set of flaws in...
Security researchers from IHTeam have uncovered a serious vulnerability in a plugin to the pfSense firewall technology. The affected pfBlockerNG plugin is not installed by default...
WatchGuard has patched several vulnerabilities in two main firewall brands that have been rated between medium and critical severity. In combination, two of the flaws allowed...
A security firm has criticized CrowdStrike for operating a “ridiculous” bug bounty disclosure program following a sensor flaw report. In April, Pascal Zenker, a partner of...
The information technology industry remains two moves behind attackers subjecting businesses to wave after wave of predictable attacks, investigative journalist Kim Zetter told delegates to Black...
A high-impact vulnerability in small business routers from Cisco could allow “patient and suitably positioned attackers” to obtain unauthenticated remote code execution on affected devices. The flaw was...