-
BrandPost: Selecting Cybersecurity Solutions for Hybrid and Hyperscale Data Centers
Hybrid and hyperscale data centers need cybersecurity solutions that won’t hinder an organization from doing its business. However, there …
-
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its
-
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models …
-
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other …
-
3 strategies to expand your threat model and secure your supply chain
As GitHub’s Chief Security Officer and SVP of Engineering, one of the most common discussions I have with other engineering and security …
-
Ways to Improve Employee Safety With Cybersecurity Technology
Technology has become a crucial part of virtually every business environment. The right tools from cloud-based software to innovative …
-
Fast-Growing Dropbox Campaign Steals Microsoft SharePoint Credentials
Threat actors are using messages sent from Dropbox to steal Microsoft user credentials in a fast-growing business email compromise (BEC) …
-
How to password-protect your Private Browsing in MacOS Sonoma and Safari
Apple’s just made it easier to keep unwanted eyes away from your …
-
NSA Establishes AI Security Center
The National Security Agency (NSA) has unveiled the AI Security Center, a new entity dedicated to overseeing the development and …
-
Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers
Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data …
-
MGM Hack Analysis: Security Still a Test of Your Weakest Link
As Cybersecurity Awareness Month is upon us once again, the recent MGM Resorts cyberattack reminds us that attackers are still constantly …
-
Google’s new requirements for bulk email senders aimed at keeping Gmail spam-free
Google LLC today announced that it’s introducing new requirements for bulk email senders with an aim to help keep Gmail safe, …
●●●
NVD
- CVE-2023-28373 – A flaw exists in FlashArray Purity whereby an array administrator by configuring an extern …
- CVE-2023-36628 – A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a F …
- CVE-2023-32572 – A flaw exists in FlashArray Purity wherein under limited circumstances, an array administr …
- CVE-2023-4817 – This vulnerability allows an authenticated attacker to upload malicious files by bypassing …
- CVE-2023-3335 – Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Admin …
EXPLOITS
- Drupal 10.1.2 – web-cache-poisoning-External-service-interaction
- SyncBreeze 15.2.24 – ‘login’ Denial of Service
- Techview LA-5570 Wireless Gateway Home Automation Controller – Multiple Vulnerabilities
- SPA-Cart eCommerce CMS 1.9.0.3 – SQL Injection
- Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS
SECURELIST