Recent Security News
-
Over 178,000 SonicWall firewalls vulnerable to RCE, DoS attacks
January 15, 2024 at 01:34PM Security researchers discovered that more than 178,000 SonicWall firewalls with exposed online management interfaces are vulnerable to denial-of-service and remote code execution attacks. These vulnerabilities affect a large number of appliances and can lead to serious security risks. Users are advised to take measures to protect their devices from these…
-
Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers
January 15, 2024 at 12:41PM GitLab admins must urgently apply the latest security patches due to a critical account-bypass vulnerability (CVE-2023-7028) impacting versions 16.1.0 to 16.7.1. Attackers can exploit it to send password reset emails and potentially take over accounts. Enabling 2FA is recommended as a stop-gap mitigation. Other vulnerabilities (CVE-2023-5356, CVE-2023-4812, CVE-2023-6955, and CVE-2023-2030)…
-
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows
January 15, 2024 at 11:44AM The Guardio Labs research team has revealed a security flaw, dubbed MyFlaw, in the Opera web browser for Windows and macOS, allowing execution of files on the operating system. The flaw exploits the My Flow feature, prompting updates on Nov 22, 2023, to address it. The vulnerability emphasizes the need…
-
3 Ransomware Group Newcomers to Watch in 2024
January 15, 2024 at 11:44AM The ransomware industry witnessed a significant 55.5% surge in victims worldwide in 2023, totaling 4,368 cases. Groups like LockBit 3.0, AlphV, and Cl0p were notable contributors. Emerging groups like 3AM, Rhysida, and Akira also made an impact. Cyberint expects these new players to further establish themselves alongside veteran groups in…
-
High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners
January 15, 2024 at 11:44AM Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners, allowing attackers to execute arbitrary code. Bitdefender discovered the BCC100 thermostat flaw, which Bosch addressed in November 2023. Additionally, Rexroth nutrunners have over two dozen vulnerabilities, with patches expected by January 2024. These vulnerabilities could…