4 liens privés
A critical security flaw identified as CVE-2024-21762 has been discovered in Fortinet's FortiOS and FortiProxy secure web gateway systems, potentially impacting around 150,000 devices worldwide.
VMware's ESXi, Workstation, and Fusion products, could allow attackers to execute malicious code on affected systems.
Apple has released a security update for iOS and iPadOS to patch two zero-day vulnerabilities which are reported to already have been exploited.
te dans les produits WithSecure. Elle permet à un attaquant de provoquer un déni de service à dista
ZSB-24008
Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year.
Fortinet has unveiled a critical security flaw in its SSL VPN, CVE-2024-21762, allowing hackers to execute arbitrary code.
Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution.
Windows encryption feature defeated by $10 and a YouTube tutorial
Episode #442 Consacré aux vulnérabilités découvertes en janvier 2024 dans Ivanti Connect Secure et Policy Secure Gateways Bulletin d’alerte du CERT-FRhttps://www.cert.ssi.gouv.fr/alerte/CERTFR-2024-ALE-001/ Ce blog détaille comment l’analyse de la mémoire a révélé l’exploitation de deux vulnérabilités zero-day dans Ivanti Connect Secure VPN1.https://www.volexity.com/blog/2024/02/01/how-memory-forensics-revealed-exploitation-of-ivanti-connect-secure-vpn-zero-day-vulnerabilities/ Détails sur cinq familles de malwares associées à l’exploitation des appareils CS et PS3.https://www.mandiant.com/resources/blog/suspected-apt-targets-ivanti-zero-day […]
This page contains a web-friendly version of the Cybersecurity and Infrastructure Security Agency’s Supplemental Direction V1: Emergency Directive 24-01:
Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system.
Multiple proof-of-concept (PoC) exploits for recently disclosed critical Jenkins vulnerability CVE-2024-23897 have been released.
Security researchers hacked the Tesla infotainment system and demoed a total of 24 zero-days on the second day of the Pwn2Own Automotive 2024 hacking competition.
GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.