Internet Security

VMware Workstation update fixes an arbitrary file deletion bug

February 3, 2023 add comment
VMware addressed a high-severity privilege escalation vulnerability, tracked as CVE-2023-20854, in VMware Workstation. VMware fixed a high-severity privilege escalation flaw, tracked as CVE-2023-20854, that impacts Workstation. An attacker can... Read more »

Atlassian fixed critical authentication vulnerability in Jira Software

February 3, 2023 add comment
Atlassian fixed a critical flaw in Jira Service Management Server and Data Center that can allow an attacker to impersonate another user and gain access to a Jira Service... Read more »

Russia-linked Gamaredon APT targets Ukrainian authorities with new malware

February 3, 2023 add comment
Russia-linked threat actor Gamaredon employed new spyware in cyber attacks aimed at public authorities and critical information infrastructure in Ukraine. The State Cyber Protection Centre (SCPC) of Ukraine warns of... Read more »

Cisco fixed command injection bug in IOx Application Hosting Environment

February 3, 2023 add comment
Cisco fixed a high-severity flaw in the IOx application hosting environment that can be exploited in command injection attacks. Cisco has released security updates to address a command injection... Read more »

API management (APIM): What It Is and Where It’s Going

February 2, 2023 add comment
Analyzing the concept of API management (APIM), its benefits, and what it will look like as the API landscape continues to evolve. There are two fundamental truths in the... Read more »

A High-severity bug in F5 BIG-IP can lead to code execution and DoS

February 2, 2023 add comment
Experts warn of a high-severity vulnerability that affects F5 BIG-IP that can lead to arbitrary code execution or DoS condition. A high-severity vulnerability in F5 BIG-IP, tracked as CVE-2023-22374,... Read more »

Experts warn of two flaws in popular open-source software ImageMagick

February 2, 2023 add comment
Experts disclosed details of two security flaws in the open-source software ImageMagick that could potentially lead to information disclosure or trigger a DoS condition. Researchers at Metabase Q discovered a couple... Read more »

Over 30k Internet-Exposed QNAP NAS hosts impacted by CVE-2022-27596 flaw

February 2, 2023 add comment
Censys found 30,000 internet-facing QNAP appliances potentially impacted by a recently disclosed critical code injection flaw. On January 30, Taiwanese vendor QNAP released QTS and QuTS firmware updates to address... Read more »

Pro-Russia Killnet group hit Dutch and European hospitals

February 1, 2023 add comment
The Dutch National Cyber Security Centre (NCSC) confirmed that Pro-Russia group Killnet hit websites of national and European hospitals. The Dutch National Cyber Security Centre (NCSC) reported that the... Read more »

New Prilex PoS Malware evolves to target NFC-enabled credit cards

February 1, 2023 add comment
Authors of the Prolex PoS malware improved their malicious code to target contactless credit card transactions. The threat actors behind the sophisticated point-of-sale (PoS) malware Prilex have have improved its... Read more »
Subscribe to our Newsletter