Pierluigi Paganini
November 08, 2022
Citrix released security updates to address a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Citrix is urging customers to install security updates to address a critical authentication bypass issue, tracked as CVE-2022-27510, in Citrix ADC and Citrix Gateway. The company addressed the following three vulnerabilities: “Note that only appliances that are operating […]
Pierluigi Paganini
November 07, 2022
Threats actors calling themselves “Justice Blade” published leaked data from an outsourcing IT vendor. The group of threat actors calling themselves ‘Justice Blade’ published leaked data from Smart Link BPO Solutions, an outsourcing IT vendor working with major enterprises and government agencies in the Kingdom of Saudi Arabia and other countries in the GCC. The […]
Pierluigi Paganini
November 07, 2022
Expert warns that the US and Israel are still unprepared to defeat a cyber attack against organizations in the water sector. Ariel Stern, a former Israeli Air Force captain, warns that the US and Israel are still unprepared to defeat a cyber attack against the water sector that could be orchestrated by enemy states like […]
Pierluigi Paganini
November 07, 2022
The UK National Cyber Security Centre (NCSC) announced that is scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The United Kingdom’s National Cyber Security Centre (NCSC) is scanning all Internet-exposed devices hosted in the United Kingdom for vulnerabilities. The UK agency aims at secure these devices reporting the discovered vulnerabilities to their owners. […]
Pierluigi Paganini
November 05, 2022
Microsoft warns of an uptick among threat actors increasingly using publicly-disclosed zero-day exploits in their attacks. According to the Digital Defense Report published by Microsoft, threat actors are increasingly leveraging publicly-disclosed zero-day vulnerabilities to target organizations worldwide. The researchers noticed a reduction in the time between the announcement of a vulnerability and the commoditization of […]
Pierluigi Paganini
November 04, 2022
I’m proud to announce the release of the 10th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report, which is the annual analysis of the state of the cybersecurity threat landscape. This is the 10th edition of the […]
Pierluigi Paganini
November 04, 2022
Cisco addressed multiple flaws impacting its products, including high-severity issues in identity, email, and web security solutions. Cisco addressed multiple vulnerabilities impacting some of its products, including high-severity flaws in identity, email, and web security products. The most severe vulnerability addressed by the IT giant is a cross-site request forgery (CSRF) flaw, tracked as CVE-2022-20961 […]
Pierluigi Paganini
November 03, 2022
Fortinet addressed 16 vulnerabilities in some of the company’s products, six flaws received a ‘high’ severity rate. One of the high-severity issues is a persistent XSS, tracked as CVE-2022-38374, in Log pages of FortiADC. The root cause of the issue is an improper neutralization of input during web page generation vulnerability [CWE-79] in FortiADC. A […]
Pierluigi Paganini
November 02, 2022
Dropbox disclosed a security breach, threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File hosting service Dropbox announced that threat actors gained unauthorized access to 130 of its source code repositories on GitHub. According to the advisory published by Dropbox, the company was the target of a phishing campaign […]
Pierluigi Paganini
November 02, 2022
The OpenSSL project fixed two high-severity flaws in its cryptography library that can trigger a DoS condition or achieve remote code execution. The OpenSSL project has issued security updates to address a couple of high-severity vulnerabilities, tracked as CVE-2022-3602 and CVE-2022-3786, in its cryptography library. The flaws impact versions 3.0.0 through 3.0.6 of the library. The OpenSSL software […]
Cyber Crime / September 23, 2025
