Vulnerabilities

March 2023 Patch Tuesday Closes Two Zero-Days Actively Exploited By State-Sponsored Actors

Microsoft's Patch Tuesday for March 2023 fixes more than 80 vulnerabilities, 9 of which are rated critical severity, and 2 zero-days—an Outlook Elevation of Privilege Vulnerability (CVE-2023-23397) and a Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2023-24880). Administrators are encouraged to apply updates ASAP. If this is not possible, there are some mitigating actions to be taken.

March 15, 2023 18:37 GMT

Critical Citrix ADC and Gateway Zero-Day Actively Exploited

Citrix has announced the release of an update to Citrix ADC and Gateway Appliance which patches CVE-2022-27518, a…

December 14, 2022 19:40 GMT

Increased Scanning Activity for Recent Exchange SSRF Vulnerabilities

OCTOBER 24, 2022 21:18 GMT Attempts to exploit the chained attack utilizing CVE-2022-41040 and CVE-2022-41082 are being observed…

October 24, 2022 21:16 GMT

Microsoft Warns of Two Actively-Exploited Exchange Zero-Days

SEPTEMBER 30, 2022 19:35 GMT This alert from Pillr is intended to brief users and administrators on newly…

September 30, 2022 22:44 GMT

CISA Warns of Exploited DDoS Vulnerability Impacting Palo Alto Firewalls

A new vulnerability in Palo Alto's PAN-OS affects firewalls, opening them up to potential amplified and reflected DDoS attacks.

August 25, 2022 19:28 GMT

VMWare Patches Severe Vulnerabilities Across Multiple Platforms

Earlier this week, VMWare published a critical security advisory that addresses security vulnerabilities in multiple product lines, including…

August 4, 2022 15:00 GMT

CISA Suggests Patching Severe Vulnerability in OpenSSL

OpenSSL version 3.0.4 is susceptible to a vulnerability that allows for buffer overflow and remote code execution. CISA…

July 7, 2022 20:24 GMT

Follina Zero-Day Allows Zero-Click RCE From Office Docs

JUNE 2, 2022 19:09 GMT Microsoft Office docs are the primary vector for an actively exploited zero-day vulnerability…

June 2, 2022 15:45 GMT

CISA Advises Urgent Priority For Patching of New VMware Vulnerabilities

MAY 19, 2022 12:38 GMT CISA has issued a rare emergency directive and is advising urgent patching priority for…

May 19, 2022 00:04 GMT

F5Networks Security Fixes—Critical RCE Impacting BIG-IP

MAY 6, 2022 16:03 GMT F5Networks has released security updates to patch multiple products, including a critical vulnerability…

May 6, 2022 15:52 GMT

Hand-Picked Top-Read Stories

Phishing Scams Using Chatbots to Capture Personal Information

Weekly Top Ten Cybersecurity Stories – 5.19.2023

Weekly Top Ten Cybersecurity Stories – 5.12.2023

Trending Tags

Vulnerabilities

March 2023 Patch Tuesday Closes Two Zero-Days Actively Exploited By State-Sponsored Actors

Critical Citrix ADC and Gateway Zero-Day Actively Exploited

Increased Scanning Activity for Recent Exchange SSRF Vulnerabilities

Microsoft Warns of Two Actively-Exploited Exchange Zero-Days

CISA Warns of Exploited DDoS Vulnerability Impacting Palo Alto Firewalls

VMWare Patches Severe Vulnerabilities Across Multiple Platforms

CISA Suggests Patching Severe Vulnerability in OpenSSL

Follina Zero-Day Allows Zero-Click RCE From Office Docs

CISA Advises Urgent Priority For Patching of New VMware Vulnerabilities

F5Networks Security Fixes—Critical RCE Impacting BIG-IP

The New Standard of

Cybersecurity
Education

Innovate Cybersecurity Summit

Threat Advisories

Weekly Top Ten Cybersecurity Stories – 5.19.2023

Weekly Top Ten Cybersecurity Stories – 5.12.2023

Weekly Top Ten Cybersecurity Stories – 5.5.2023

Weekly Top Ten Cybersecurity Stories – 4.28.2023

Weekly Top Ten Cybersecurity Stories – 4.21.2023

Education

Verify Email Origin Authenticity By Implementing DMARC

Building a Foundational Data Classification Strategy

Common Pitfalls in Continuous Monitoring

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware