Alerts

Palo Alto has released security updates to fix multiple vulnerabilities across several Palo Alto products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, execute buffer overflow attacks, gain elevated privilege, bypass security restrictions, or execute arbitrary commands and gain access to the affected system. Sample of the addressed vulnerabilities: 1. Palo Alto

Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products. The addressed vulnerabilities could allow the attacker to obtain sensitive information, gain elevated privilege, perform denial of services attacks, or execute arbitrary commands and gain access to the affected product. Sample of the addressed vulnerabilities: 1. Multiple Cisco Products Privilege Escalation Vulnerability

SAP has released security updates to address several vulnerabilities affecting multiple SAP products. SAP has released a patch that fixes several vulnerabilities affecting multiple SAP products such as SAP BusinessObjects Business Intelligence Platform, SAP Commerce Cloud, SAP Replication Server, SAP Replication Server, SAP Production and Revenue Accounting, SAP S/4HANA, SAP NetWeaver and SAP Business Warehouse.

Fortinet has released security updates to fix several vulnerabilities across multiple Fortinet products. The addressed vulnerabilities could allow the attacker to perform brute force attacks, obtain sensitive information, conduct man-in-the-middle attacks, retrieve or delete arbitrary files from the underlying filesystem, execute limited and temporary commands on the underlying database, and gain access to the affected

Citrix has released a security update to address multiple vulnerabilities across Citrix Workspace app for Windows. The addressed vulnerabilities could allow the attacker to gain elevated privileges to the affected systems by sending a specially crafted request. The addressed vulnerabilities: 1. Citrix Workspace app for Windows Privilege Escalation Vulnerability (CVE-2024-7889): CVSS: 7.8 Attack Vector: Local

Google has released an updated Chrome version 128.0.6613.137/.138 for Windows, and Mac and 128.0.6613.137 for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability

Intel has released security updates to address several vulnerabilities in multiple Intel products. The addressed vulnerabilities could allow the attacker to gain elevated privileges, obtain sensitive information, or perform denial-of-service attacks on the affected product. Samples of the addressed vulnerabilities: 1. Intel® Reference Processors Privilege Escalation Vulnerability (CVE-2023-42772): CVSS: 8.2 Attack Vector: Local Attack Complexity:

Mozilla has released an updated Firefox version 130, Firefox ESR version 115.15, and 128.2 to fix multiple vulnerabilities. The addressed vulnerabilities could allow the remote attacker to bypass security restrictions, conduct spoofing attacks, obtain sensitive information, execute arbitrary code, and gain access to the affected products. Sample of the addressed vulnerabilities: 1. Mozilla Firefox Code

RansomHub ransomware is a ransomware-as-a-service variant formerly known as Cyclops and Knight which emerged in 2017, encrypts files on victims’ systems, and demands payment for decryption. In February 2024 threat actors affiliated with the RansomHub ransomware group systematically encrypted and exfiltrated data from at least 210 victims across various sectors, including information technology, government services,

Google has released an updated Chrome version “128.0.6613.119/.120” for Windows and Mac and “128.0.6613.119” for Linux. The addressed vulnerabilities could allow the remote attacker to execute arbitrary code and gain access to the affected system by persuading the victim to visit a specially crafted website. Sample of the addressed vulnerabilities: Google Chrome Code Execution Vulnerability