April 9, 2024 at 04:58PM Researchers at Bitdefender have identified four vulnerabilities in LG webOS, affecting various smart TV models and exposing around 91,000 devices. These bugs include command injection, privilege escalation, and bypass vulnerabilities, tracked as CVE-2023-6317, CVE-2023-6318, CVE-2023-6319, and CVE-2023-6320. LG released security updates after being alerted in November 2023. Users should check … Read more
February 20, 2024 at 06:27AM ConnectWise released software updates to fix critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could enable remote code execution and impact confidential data or critical systems. Users of affected versions are urged to update to version 23.9.8 to mitigate the risk of exploitation. Key Takeaways … Read more
February 6, 2024 at 07:36AM Google announced patches for 46 Android vulnerabilities, including a critical bug (CVE-2024-0031) in the System component, enabling remote code execution. The 2024-02-01 security patch level fixed this flaw and 14 other high-severity defects. A subsequent update on 2024-02-05 addressed 31 high-severity issues in various components. Google also patched seven Pixel … Read more
January 11, 2024 at 04:01AM Cisco has issued software updates to address a critical security flaw (CVE-2024-20272 – CVSS score: 7.3) in Unity Connection, allowing arbitrary file upload and execution of commands. Users are advised to update to patched versions to mitigate potential threats. Additionally, 11 medium-severity vulnerabilities have been resolved across Cisco software. Cisco … Read more
November 17, 2023 at 05:08PM VicOne and Block Harbor have unveiled an integrated workflow-based system for the automotive industry that provides cybersecurity intelligence. The system improves the efficiency of software updates in vehicles and manages growing cybersecurity threats. It allows automakers to quickly assess risks and take appropriate actions. The solution also enables testing of … Read more
November 6, 2023 at 01:00PM QNAP has released security updates to address two critical vulnerabilities in its operating system. The first vulnerability, tracked as CVE-2023-23368, is a command injection bug affecting QTS, QuTS hero, and QuTScloud. The second vulnerability, CVE-2023-23369, is a command injection flaw in QTS, Multimedia Console, and Media Streaming add-on. Users are … Read more
October 24, 2023 at 05:10PM Cybersecurity Awareness Month celebrates its 20th anniversary by promoting the importance of cybersecurity education. The initiative, which began in the US and has now become a global movement, encourages proactive measures and knowledge-sharing to address human risk, which accounts for over 80% of cybersecurity incidents. Microsoft recommends focusing on enabling … Read more
October 13, 2023 at 09:19AM Juniper Networks has released patches for over 30 vulnerabilities in Junos OS and Junos OS Evolved. The most critical flaw is an incorrect default permissions bug that allows unauthorized access and the creation of a backdoor with root privileges. Other vulnerabilities include denial of service (DoS) risks and impacts on … Read more