article thumbnail

Patch Tuesday, June 2024 “Recall” Edition

Krebs on Security

CVE-2024-30080 is a flaw in the Microsoft Message Queuing (MSMQ) service that can allow attackers to execute code of their choosing. CVE-2024-30080 has been assigned a CVSS vulnerability score of 9.8 (10 CVE-2024-30078 is a remote code execution weakness in the Windows WiFi Driver , which also has a CVSS score of 9.8.

Internet 219
article thumbnail

Patch Tuesday, May 2024 Edition

Krebs on Security

CVE-2024-30051 is an “elevation of privilege” bug in a core Windows library. ” CVE-2024-30040 is a security feature bypass in MSHTML , a component that is deeply tied to the default Web browser on Windows systems. . First, the zero-days.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Midyear Check-In: Top Cybersecurity Predictions for 2024

Lohrman on Security

It’s been six months since I released the Top 24 Security Predictions for 2024, so which predictions are on track and which seem off base — so far? And what’s new as we hit the halfway point in the year?

article thumbnail

The Top 24 Security Predictions for 2024 (Part 1)

Lohrman on Security

Where next for cyber in 2024? Here’s your annual roundup of cybersecurity forecasts, top cyber trends and cybersecurity industry prediction reports as we head into calendar year 2024.

article thumbnail

Cybersecurity Predictions for 2024

elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024. Add to that hacktivism due to global conflicts and U.S. We’ve recently looked back at what happened within cybersecurity in 2023.

article thumbnail

CVE-2024-5671 (CVSS 9.8) Exposes Trellix Intrusion Prevention System to Remote Attacks

Penetration Testing

The flaws, tracked as CVE-2024-5671 and CVE-2024-5731, leave unprotected systems vulnerable to remote code... The post CVE-2024-5671 (CVSS 9.8) Trellix, a prominent cybersecurity provider, has issued urgent patches for two critical vulnerabilities discovered in its Intrusion Prevention System (IPS).

article thumbnail

D-Link Routers Exposed: Critical Backdoor Vulnerability Discovered (CVE-2024-6045)

Penetration Testing

Taiwan’s CERT (Computer Emergency Response Team) has issued a critical security advisory regarding a high-severity vulnerability (CVE-2024-6045) affecting numerous models of D-Link wireless routers.

Wireless 139