The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit […]
Author Archives: Onsite Computing, Inc.
Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows – CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before […]
The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season. Go to Source Author: Tara Seals, Managing Editor, News, Dark Reading
U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year. […] Go to Source Author: Sergiu Gatlan
The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks. Go to Source Author: Jai Vijayan, Contributing Writer
A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. […] Go to Source Author: Bill Toulas
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. […] Go to Source Author: Sergiu Gatlan
Microsoft has released the KB5048652 cumulative update for Windows 10 22H2, which contains six fixes, including a fix that prevented Windows 10 from activating when you change a device’s motherboard. […] Go to Source Author: Lawrence Abrams
Today is Microsoft’s December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. […] Go to Source Author: Lawrence Abrams
Microsoft has released the Windows 11 KB5048667 and KB5048685 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. […] Go to Source Author: Mayank Parmar