Recent Security News
-
Citrix warns of new Netscaler zero-days exploited in attacks
January 16, 2024 at 03:33PM Citrix has warned customers to immediately patch their vulnerable Netscaler ADC and Gateway appliances against actively exploited zero-day vulnerabilities (CVE-2023-6548 and CVE-2023-6549). The company advises blocking network traffic to affected instances if updates cannot be deployed immediately, and separating the management interface from internet exposure to reduce the risk of…
-
Locking down the edge
January 16, 2024 at 03:22PM As operational functions move to distributed sites and devices, edge security becomes a growing concern. Hosting data at edge locations presents increased vulnerabilities, especially in sectors like healthcare and manufacturing. Edge breaches can have severe consequences and require high-level cybersecurity protection. Dell Technologies’ webinar discusses these challenges and proposes a…
-
Google fixes first actively exploited Chrome zero-day of 2024
January 16, 2024 at 02:14PM Google has released security updates to address the first Chrome zero-day vulnerability (CVE-2024-0519) exploited since the beginning of the year. This high-severity flaw in the Chrome V8 JavaScript engine allows attackers to access sensitive data, trigger crashes, and potentially execute arbitrary code. Google also fixed two other vulnerabilities (CVE-2024-0517 and…
-
Majorca city Calvià extorted for $11M in ransomware attack
January 16, 2024 at 01:52PM Calvià City Council in Majorca was hit by a ransomware attack, affecting municipal services. With a population of 50,000 and a major tourism destination, it formed a crisis committee to assess the damage. IT specialists are conducting forensic analysis while administrative deadlines have been suspended till Jan 31, 2024. The…
-
Double trouble for VMware and Atlassian admins – there are critical flaws to fix
January 16, 2024 at 01:12PM Critical vulnerabilities in Atlassian and VMware products have been revealed. Atlassian’s Confluence Data Center and Server have a flaw allowing remote code execution, and Jira Software Data Center and Server are susceptible to XML external entity attacks. VMware’s Aria Automation faces a missing access control issue, all requiring immediate patching…