Recent Security News
-
Veeam Patches Critical Vulnerabilities in Enterprise Products
September 6, 2024 at 08:00AM Veeam announced patches for critical-severity bugs this week, impacting its enterprise products. The vulnerabilities could lead to remote code execution and sensitive information disclosure. The flaws affect various Veeam solutions including Backup & Replication, Veeam ONE, Service Provider Console, Veeam Agent for Linux, and other plugins. Users are advised to…
-
LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks
September 6, 2024 at 06:30AM A critical vulnerability, CVE-2024-44000, was discovered in the LiteSpeed Cache plugin for WordPress, allowing attackers to potentially take over websites by retrieving and using stored user cookies. The flaw was identified and reported by Patchstack, who emphasized the importance of securing the debug log process. The issue was resolved with…
-
CISA Breaks Silence on Controversial ‘Airport Security Bypass’ Vulnerability
September 6, 2024 at 06:30AM CISA responded to the disclosure of a security vulnerability in FlyCASS, a third-party application related to airport security systems. The issue allowed unauthorized access to the account of a participating airline, potentially compromising security screening and cockpit access. The researchers identified and reported several serious issues, prompting the disabling of…
-
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025
September 6, 2024 at 06:21AM The 2024 State of the vCISO Report by Cynomi highlights the increasing demand for virtual Chief Information Security Officer (vCISO) services. The survey reveals that 98% of MSPs and MSSPs plan to offer vCISO services, driven by SMB demand and beneficial outcomes such as revenue increase and enhanced client security.…