Patch Management / Security Research and Intelligence

RCE Flaw Discovered in PHP’s Windows Versions

The well-known open-source scripting language PHP (Hypertext Preprocessor) just had a critical RCE flaw patched and disclosed. Found and reported…

Comments Off on RCE Flaw Discovered in PHP’s Windows Versions

June 10, 2024

Endpoint Management / Endpoint Security / Endpoint Security and Management / Featured Articles / Patch Management / Security Research and Intelligence / Vulnerability Management

Microsoft Fixes 60 Vulnerabilities, 2 Rated Critical, in March 2024 Patch Tuesday

It's been a calm year so far for patches! January saw no zero days, February only saw two, and March…

Comments Off on Microsoft Fixes 60 Vulnerabilities, 2 Rated Critical, in March 2024 Patch Tuesday

March 13, 2024

Endpoint Management / Endpoint Security / Endpoint Security and Management / Patch Management / Security Research and Intelligence / Vulnerability Management

VMWare Catches New Critical ESXi Sandbox Escape Bugs

VMWare's latest advisory reveals four new vulnerabilities affecting its ESXi, Workstation, Fusion, and Cloud Foundation products. Each vulnerability has been…

Comments Off on VMWare Catches New Critical ESXi Sandbox Escape Bugs

March 6, 2024

Endpoint Management / Endpoint Security / Endpoint Security and Management / Patch Management / Security Research and Intelligence / Vulnerability Management

Critical Zero-Day Authentication Bypass Vulnerability (CVE-2024-0204) in Fortra GoAnywhere MFT.

If you're using a version of Fortra's GoAnywhere MFT that's lower than 7.4.1, you'll likely be shocked to know that…

Comments Off on Critical Zero-Day Authentication Bypass Vulnerability (CVE-2024-0204) in Fortra GoAnywhere MFT.

January 25, 2024

Endpoint Management / Endpoint Security / Endpoint Security and Management / Patch Management / Security Research and Intelligence / Vulnerability Management

53 Vulnerabilities (2 Critical) Fixed in Microsoft’s January 2024 Patch Tuesday

The second week of the new year has arrived, and with it comes 2024's first Microsoft Patch Tuesday. This time…

Comments Off on 53 Vulnerabilities (2 Critical) Fixed in Microsoft’s January 2024 Patch Tuesday

January 10, 2024

Endpoint Security / Endpoint Security and Management / Security Research and Intelligence / Vulnerability Management

Critical RCE Flaw Discovered In Confluence: CVE-2023-22522

A new remote code execution vulnerability has been found in Confluence Data Center and Server. CVE-2023-22522, exploited using template injection,…

Comments Off on Critical RCE Flaw Discovered In Confluence: CVE-2023-22522

December 7, 2023

Endpoint Management / Endpoint Security / Endpoint Security and Management / Patch Management / Security Research and Intelligence / Vulnerability Management

Microsoft’s November 2023 Patch Tuesday Fixes 75 Vulnerabilities, Including 5 Zero Days

This Patch Tuesday November 2023, Microsoft fixed 75 vulnerabilities, with three rated as critical and 57 rated as important. Elevation…

Comments Off on Microsoft’s November 2023 Patch Tuesday Fixes 75 Vulnerabilities, Including 5 Zero Days

November 15, 2023

Endpoint Management / Endpoint Security / Endpoint Security and Management / Patch Management / Security Research and Intelligence / Vulnerability Management

F5 Issues Warning: BIG-IP Vulnerability Used In Active Exploit Chain

According to F5, a critical security vulnerability in BIG-IP is being actively exploited after its public disclosure. CVE-2023-46747, resulting in…

Comments Off on F5 Issues Warning: BIG-IP Vulnerability Used In Active Exploit Chain

November 2, 2023

Endpoint Management / Endpoint Security / Endpoint Security and Management / Patch Management / Security Research and Intelligence / Vulnerability Management

Citrix Bleed: Critical Information Disclosure Vulnerability In Citrix NetScaler, Patch Now!

According to a security bulletin released by Citrix this month, their recent patches include a fix for a flaw with…

Comments Off on Citrix Bleed: Critical Information Disclosure Vulnerability In Citrix NetScaler, Patch Now!

October 26, 2023

Endpoint Management / Endpoint Security / Endpoint Security and Management / Security Research and Intelligence / Vulnerability Management

CVE-2023-44487: “HTTP/2 Rapid Reset” Flaw Results In Largest DDoS Attack

Until August 2023, the largest DDoS attack ever recorded sent 46 million requests per second (rps). This attack was mitigated…

Comments Off on CVE-2023-44487: “HTTP/2 Rapid Reset” Flaw Results In Largest DDoS Attack

October 12, 2023