Recent Security News
-
Google fixes first actively exploited Chrome zero-day of 2024
January 16, 2024 at 02:14PM Google has released security updates to address the first Chrome zero-day vulnerability (CVE-2024-0519) exploited since the beginning of the year. This high-severity flaw in the Chrome V8 JavaScript engine allows attackers to access sensitive data, trigger crashes, and potentially execute arbitrary code. Google also fixed two other vulnerabilities (CVE-2024-0517 and…
-
Majorca city Calvià extorted for $11M in ransomware attack
January 16, 2024 at 01:52PM Calvià City Council in Majorca was hit by a ransomware attack, affecting municipal services. With a population of 50,000 and a major tourism destination, it formed a crisis committee to assess the damage. IT specialists are conducting forensic analysis while administrative deadlines have been suspended till Jan 31, 2024. The…
-
Double trouble for VMware and Atlassian admins – there are critical flaws to fix
January 16, 2024 at 01:12PM Critical vulnerabilities in Atlassian and VMware products have been revealed. Atlassian’s Confluence Data Center and Server have a flaw allowing remote code execution, and Jira Software Data Center and Server are susceptible to XML external entity attacks. VMware’s Aria Automation faces a missing access control issue, all requiring immediate patching…
-
Patch ASAP: Max-Critical Atlassian Bug Allows Unauthenticated RCE
January 16, 2024 at 01:10PM A critical unauthenticated remote code execution (RCE) vulnerability affects Atlassian Confluence Data Center and Confluence Server versions released before Dec. 5 (CVE-2023-22527). The bug carries a 10/10 severity rating and affects versions 8.0.x to 8.5.3. Organizations should update to the latest versions to defend against potential cyber-attacks, as no mitigations…
-
Africa, Middle East Lead Peers in Cybersecurity, But Lag Globally
January 16, 2024 at 01:10PM Africa and the Middle East stand out in cybersecurity compared to their economic peers, but fall short in overall cyber resilience. Despite this, efforts to improve cybersecurity in the regions are underway, including investing in replacing outdated technology and creating stronger workflows for identifying threats. Sustaining these efforts will require…