November 13, 2024 at 08:03AM Intel and AMD released November 2024 Patch Tuesday advisories, addressing newly identified vulnerabilities in their products. Intel issued 44 advisories, while AMD provided 8. This update serves to inform customers about necessary security measures for their devices. **Meeting Takeaways:** 1. **Intel Security Advisories**: Intel has released 44 new security advisories … Read more
November 13, 2024 at 07:21AM CISA, Schneider Electric, Siemens, and Rockwell Automation have issued security advisories for November 2024’s Patch Tuesday, focusing on vulnerabilities in industrial control systems. The information was reported by SecurityWeek. **Meeting Takeaways:** 1. **Participants:** CISA, Schneider Electric, Siemens, and Rockwell Automation. 2. **Key Event:** November 2024 Patch Tuesday security advisories have … Read more
August 14, 2024 at 08:39AM Fortinet and Zoom announced patches for multiple vulnerabilities on Tuesday. Fortinet’s patches address three security defects, including high, medium, and low-severity flaws. Zoom published patches for 15 vulnerabilities, including high and medium-severity issues across its products. Both companies advise users to update their applications, with no reports of active exploitation. … Read more
August 9, 2024 at 03:24PM Intel has disclosed new details on its Raptor Lake family of 13th and 14th Gen Core processors failures and the 0x129 microcode to prevent further damage. The instability issue is due to elevated operating voltage above 1.55 volts. Motherboard vendors are releasing BIOS updates containing the new microcode. AMD has … Read more
August 7, 2024 at 04:31PM SafeBreach security researcher Alon Leviev disclosed at Black Hat 2024 two unpatched zero-days that can be exploited in downgrade attacks on up-to-date Windows 10, 11, and Windows Server systems. Microsoft issued advisories for CVE-2024-38202 and CVE-2024-21302, providing mitigation guidance. The vulnerabilities allow for system compromise, making fully patched systems susceptible … Read more
July 19, 2024 at 07:01AM SolarWinds released security updates for Access Rights Manager, resolving 13 vulnerabilities, including eight critical-severity bugs. Six critical flaws could be exploited for remote code execution, while the remaining two could allow attackers to read and delete arbitrary files. Five high-severity issues were also addressed, impacting domain admin access and arbitrary … Read more
July 18, 2024 at 01:54PM Researchers discovered a fake ad blocker in China targeting Internet cafés that conceals sophisticated malware. “HotPage.exe,” approved by Microsoft, appears as adware but can intercept web traffic, introduce more ads, and drop a system-level driver. ESET reported it to Microsoft, who removed it on May 1. The malware is developed … Read more
July 18, 2024 at 07:45AM Cisco announced software updates for around a dozen vulnerabilities, which included critical-severity bugs in Secure Email Gateway and Smart Software Manager On-Prem. The flaws could allow an attacker to execute arbitrary code, initiate denial-of-service conditions, or access the web UI with compromised user privileges. Cisco also addressed high-severity vulnerabilities in … Read more
July 10, 2024 at 09:48AM Citrix has released patches for critical security vulnerabilities in its NetScaler product line, including improper authorization and buffer overflow bugs. It recommends updating to specific versions to address these issues. The company also addressed vulnerabilities in other products such as NetScaler ADC and Workspace app, urging customers to update appliances … Read more
July 10, 2024 at 07:48AM Major industrial control systems (ICS) providers issued security advisories, including Siemens with 17 new advisories for over 50 vulnerabilities, a critical bug in SINEMA remote connect server, and a BlastRADIUS vulnerability. Schneider Electric released four advisories for six vulnerabilities, including a critical-severity issue in Wiser Home Controller WHC-5918A. Ifm Electronic … Read more