CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Vulnerability
Proof-of-concept exploit details are available for a newly disclosed critical vulnerability in Fortra GoAnywhere Managed File Transfer (MFT), a product historically targeted by ransomware.
CVE-2023-22527: Atlassian Confluence Data Center and Server Template Injection Exploited in the Wild
In-the-wild exploitation has begun for a recently disclosed, critical-severity flaw in Atlassian Confluence Data Center and Server.
Oracle January 2024 Critical Patch Update Addresses 191 CVEs
Oracle addresses 191 CVEs in its first quarterly update of 2024 with 389 patches, including 37 critical updates.
CVE-2023-6548, CVE-2023-6549: Zero-Day Vulnerabilities Exploited in Citrix NetScaler ADC and NetScaler Gateway
Two zero-day vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway have been exploited in the wild. Urgent patching is required to address these flaws.
CVE-2023-46805, CVE-2024-21887: Zero-Day Vulnerabilities Exploited in Ivanti Connect Secure and Policy Secure Gateways
Two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure have been exploited in the wild, with at least one attack attributed to nation-state actors.
Microsoft's January 2024 Patch Tuesday Addresses 48 CVEs (CVE-2024-20674)
Microsoft addresses 48 CVEs in its January 2024 Patch Tuesday release with no zero-day or publicly disclosed vulnerabilities.
Microsoft Patch Tuesday 2023 Year in Review
Microsoft addressed over 900 CVEs as part of Patch Tuesday releases in 2023, including over 20 zero-day vulnerabilities.
Microsoft's December 2023 Patch Tuesday Addresses 33 CVEs (CVE-2023-36019)
Microsoft addresses 33 CVEs in its December 2023 Patch Tuesday release, with no zero-day vulnerabilities disclosed this month.
CVE-2023-4966 (CitrixBleed): Invalidate Active or Persistent Sessions To Prevent Further Compromise
Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens, as these tokens can be used to compromise networks and bypass authentication measures, including multifactor authentication.
CitrixBleed Frequently Asked Questions (CVE-2023-4966)
Frequently asked questions relating to a critical vulnerability in Citrix NetScaler that has been under active exploitation for over a month, including by ransomware groups.
Microsoft's November 2023 Patch Tuesday Addresses 57 CVEs (CVE-2023-36025)
Microsoft addresses 57 CVEs, including three zero-day vulnerabilities that were exploited in the wild.
CVE-2023-22518: Critical Atlassian Confluence Data Center and Server Improper Authorization Vulnerability
Atlassian warns of public vulnerability details for a critical flaw in Confluence Data Center and Server, as its CISO urges organizations to apply patches immediately.