CVEs
28
“This could be a new era for packet rate attacks: with botnets possibly capable of issuing billions of packets per second. It could seriously challenge how anti-DDoS infrastructures are built and scaled."
Security researchers regularly chafe at the deafening silence when they report a critical vulnerability in software: White Hats simply wanting to help organisations fix their cybersecurity all too often still find themselves being ignored – or worse, threatened with legal action when trying to help publicly exposed organisations that have not
It’s that time of the month again: Microsoft has pushed out 98 security patches for January’s Patch Tuesday: 11 are critical, one CVE-2023-21674 is being actively exploited and another gives unauthenticated remote access to your SharePoint Server – and requires not just the patch but a “SharePoint upgrade action”
Can you guess the product with the most CVEs in 2022?
Per RATM: "Action must be taken. We don't need the key we'll break in"
A vulnerability in multiple Fortinet products gives an unauthenticated remote attackers root access to its core product’s administrative interface – and the vulnerability has been exploited in the wild the company warned. Given exploitation the company has warned customers to check for Indicators of Compromise. https://twitter.com/Horizon3Attack/status/
Exploited for a month. No detection in Sentinel, no patch yet. Mitigate urgently.