Introduction In a recent blog post by VulnCheck, a vulnerability in MikroTik RouterOS was discussed in detail. The vulnerability, identified as CVE-2023-30799, affects MikroTik RouterOS up until version 6.49.8 (July…
The Centre for Cyber Security Belgium (CERT.be) has issued an advisory warning of an actively exploited zero-day vulnerability (CVE-2023-38606) affecting all Apple products. This vulnerability, which allows for the modification…
Introduction The Terrestrial Trunked Radio (TETRA), a communication system extensively utilized by government agencies, law enforcement, and emergency services organizations across Europe, the United Kingdom, and numerous other countries, has…
Ivanti, a leading provider of IT software solutions, has recently addressed a critical zero-day authentication bypass vulnerability in its Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core. This vulnerability,…
A recent oss-security list post from Tavis Ormandy has brought attention to a use-after-free vulnerability, CVE-2023-20593, in AMD Zen2 processors.
Managed File Transfer (MFT) solutions are essential tools for businesses to securely transfer sensitive data. However, like any software, they can be vulnerable to exploits if not properly managed and…
APT29, also known as Cozy Bear, is a Russian hacker group believed to be affiliated with one or more Russian intelligence agencies. The group has been operating for the Russian…
OpenSSH, a widely used implementation of the Secure Shell protocol (SSH), has released its latest version, OpenSSH 9.3p2. This update addresses a significant security bug, CVE-2023-38408, which could potentially be…
A critical vulnerability, tracked as CVE-2023-3519 (NVD), has been identified in Citrix ADC and Gateway products. This vulnerability is currently being exploited in the wild and the rate of exploitation…
Oracle has released its July 2023 Critical Patch Update (CPU), which includes a staggering 508 new security patches. This update is significant due to the sheer volume of patches and…