Atlassian patches critical RCE flaws across multiple products
System administrators should prioritize applying the available updates
Read More...Patching Archives - CyberConvoy Blog
Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software.
Read More...
Hackers start exploiting critical ownCloud flaw, patch now
In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key
Read More...
Citrix warns admins to kill NetScaler user sessions to block hackers
Besides applying the necessary security updates, administrators are also advised to wipe all previous user sessions and terminate all active ones
Read More...
CISA warns of actively exploited Windows, Sophos, and Oracle bugs
The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues
Read More...
Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
This month's Patch Tuesday fixes five zero-day vulnerabilities, with three exploited in attacks and three publicly disclosed
Read More...
Critical Azure CLI flaw found that leaked credentials in logs
They found that successful exploitation enables unauthenticated attackers to remotely access plain text contents written by Azure CLI to Continuous Integration and Continuous Deployment (CI/CD) logs
Read More...
CISA warns of actively exploited Juniper pre-auth RCE exploit chain
Administrators are urged to immediately secure their devices by upgrading JunOS to the most recent release or, as a minimum precaution, restrict Internet access to the J-Web interface to eliminate the attack vector
Read More...
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
Over the past few months, critical flaws in the Veeam backup software have been exploited by multiple threat actors, including FIN7 and BlackCat ransomware, to distribute malware
Read More...
QNAP warns of critical command injection flaws in QTS OS, apps
QNAP users are advised to apply the available security updates as soon as possible
Read More...