The Cybersecurity and Security Agency (CISA) added CVE-2023-29360 to the Known Exploited Vulnerabilities database on 29 February 2024. It has allowed 3 weeks to patch this threat i.e. by 21 March 2024. Salient points What versions of Windows are affected? …
North Korean group of hackers, Lazarus, are exploiting an old zero-day vulnerability in Microsoft Window’s Applocker app. The details of the vulnerability and the cyber-attacks are shared below. Salient points What versions of Windows are affected? The Applocker vulnerability CVE-2024-21338 …
The CISA added ConnectWise ScreenConnect vulnerability to the Known Exploited Vulnerabilities database on 22 February 2024. The vulnerability ought to be patched before 29 February 2024. Salient points About CWE-288 CWE-288 or CVE-2024-1709 enables attackers to bypass authentication mechanisms using …
Federal Trade Commission (FTC) has charged Avast with selling customer browsing data to third-party advertisers. Avast is based in Europe. It offers security products for endpoint security. Salient points What user data was sold? Avast collected and sold user browsing …
There has been a massive crackdown on the Lockbit ransomware operator. Enforcement agencies have jointly carried out the crackdown from multiple countries. We look at the details of this crackdown below. Salient points Details of the crackdown This legal crackdown …
Zoom has released a new security update on 13 February 2024 for Windows platform. The security update is designed to patch a CRITICAL vulnerability. Salient points Zoom – Affected versions CVE-2024-24691 is a CVSS 9.6 CRITICAL vulnerability. The CRITICAL EoP …
The CISA has added Microsoft Exchange Server Elevation of Privilege Vulnerability to the list of CISA’s Known Exploited Vulnerabilities Catalog on 15 February 2024. The due date for resolution is 7 March 2024. We look at the Microsoft Exchange Server …
The CISA has added Cisco’s ASA vulnerability to the Known Exploited Vulnerabilities catalog on 15 February 2024. The CISA due date for resolution of this vulnerability is 7 March 2024. We look at the details of this old vulnerability. Salient …
The Product Security Incident Response Team (PSIRT) of Adobe has released new security updates for multiple Adobe products. These security updates have been released as part of the ‘Patch Tuesday’ initiative of Adobe. Salient points What Adobe products are affected? Adobe …
France’s data protection agency CNIL has reported a data breach involving two French service providers — Viamedis and Almerys. We look at the details of the data breach below. Salient points What data was breached? The CNIL has confirmed that …