Bishop Fox Announces Cosmos Integration With ServiceNow

October 1, 2024 at 05:40PM Bishop Fox and ServiceNow announced the launch of Cosmos for ServiceNow, enabling seamless synchronization of validated exposures from the Bishop Fox Cosmos portal into the ServiceNow environment. This integration aims to enhance security posture and operational efficiency for customers. Bishop Fox’s Registered Build Partner status underscores the value of this solution in …

Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway

May 6, 2024 at 08:20PM Citrix quietly addressed a vulnerability in its NetScaler ADC and Gateway appliances, similar to “CitrixBleed” but less serious. The flaw allowed attackers to occasionally capture sensitive information, although Citrix didn’t assign a CVE identifier. Bishop Fox reported the issue to Citrix in January, urging affected organizations to update their systems. …

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE

January 16, 2024 at 09:12AM Report: Many SonicWall next-generation firewall devices are unpatched for critical vulnerabilities CVE-2022-22274 and CVE-2023-0656, with potential for DoS and RCE attacks. Over 178,000 vulnerable devices were found, and new PoC exploits were developed. Recommendations include applying patches immediately due to known exploitation in malicious attacks. Key Takeaways from Meeting Notes: – Cybersecurity …

Critical Vulnerability Found in Ray AI Framework 

November 28, 2023 at 09:06AM Ray, an open source compute framework for AI, has a critical vulnerability that allows unauthorized access to all nodes, warns cybersecurity firm Bishop Fox. The bug, known as CVE-2023-48023, exists because Ray does not properly enforce authentication on its dashboard and client components. Attackers can exploit this vulnerability to submit …