#CVE202329552

Royal Mail cyber security still a mess, say infosec researchers

by

November 13, 2023 at 01:32AM The UK’s Royal Mail has been found to have an open redirect flaw on one of its websites, which potentially exposes customers to malware infections and phishing attacks. The vulnerability allows attackers to use the legitimate website to redirect users to malicious sites. The Royal Mail has been notified of … Read more

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

by

November 9, 2023 at 01:09AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities catalog. Tracked as CVE-2023-29552, the flaw could be exploited for denial-of-service attacks with a high amplification factor. Federal agencies are required to apply necessary mitigations by … Read more