17551 results
Pierluigi Paganini
May 22, 2024
A critical security vulnerability in Veeam Backup Enterprise Manager could allow threat actors to bypass authentication. A critical vulnerability, tracked as CVE-2024-29849 (CVSS score: 9.8), in Veeam Backup Enterprise Manager could allow attackers to bypass authentication. Veeam Backup Enterprise Manager is a centralized management and reporting tool designed to simplify the administration of Veeam Backup & Replication […]
Pierluigi Paganini
April 29, 2024
Google announced they have prevented 2.28 million policy-violating apps from being published in the official Google Play. Google announced that in 2023, they have prevented 2.28 million policy-violating apps from being published on Google Play. This amazing result was possible thanks to the introduction of enhanced security features, policy updates, and advanced machine learning and […]
Pierluigi Paganini
April 29, 2024
A Belarusian group of activist group claims to have infiltrated the network of the country’s main KGB agency. The Belarusian hacktivist group Cyber-Partisans claims to have infiltrated the network of the country’s main KGB security agency. The hackers had access to personnel files of over 8,600 employees. On Friday, the website of the Belarusian KGB […]
Pierluigi Paganini
April 29, 2024
Multiple flaws in Brocade SANnav storage area network (SAN) management application can allow to compromise impacted appliances. Multiple vulnerabilities found in the Brocade SANnav storage area network (SAN) management application could potentially compromise affected appliances. The following vulnerabilities, discovered by the security researcher Pierre Barre, impact all versions up to 2.3.0 (included): The most severe […]
Pierluigi Paganini
April 27, 2024
Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Officials reported that the security breach occurred on February 9, when someone logged into some BenefitsCal users’ accounts. Threat actors exploited reused passwords […]
Pierluigi Paganini
April 26, 2024
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks targeting the critical severity vulnerability CVE-2024-4040. CVE-2024-4040 is a CrushFTP VFS sandbox escape vulnerability. CrushFTP is a file transfer server software that enables secure and efficient file transfer capabilities. It supports various features such as […]
Pierluigi Paganini
April 22, 2024
A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is a global database utilized by various organizations, including financial institutions, regulatory bodies, and law enforcement agencies, for assessing potential risks associated with individuals and entities. It compiles information from diverse sources like public […]
Pierluigi Paganini
April 19, 2024
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher Wray. FBI Director Christopher Wray warned this week that China-linked threat actors are preparing an attack against U.S. critical infrastructure, Reuters reported. According to the FBI chief, the Chinese hackers are waiting “for just the right moment to deal a […]
Pierluigi Paganini
April 18, 2024
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit code for this issue. The PoC exploit code allows a local attacker to escalate privileges to root. Cisco Integrated […]
Pierluigi Paganini
April 17, 2024
Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls. CVE-2024-3400 (CVSS score of 10.0) is a […]
