eSecurity Planet
JANUARY 8, 2024
The new year brought few new vulnerabilities, and only Ivanti Endpoint Manager (EPM) and Kyber, the quantum resistant encryption algorithm, publicized new vulnerabilities or fixes. Speed remains critical to security, but more importantly, patching teams need to make progress with patch and vulnerability management. x or 4.9.7
eSecurity Planet
FEBRUARY 26, 2024
February 19, 2024 Microsoft Exchange Servers Vulnerable to Privilege Escalation Attacks Type of vulnerability: Critical severity privilege escalation vulnerability. The problem: CVE-2024-21410 allows remote attackers to carry out NTLM relay attacks on Microsoft Exchange Servers, providing them with privileged access.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
eSecurity Planet
MARCH 25, 2024
March 13, 2024 Fortra Vulnerability Could Result in Remote Code Execution Type of vulnerability: Directory traversal in Fortra’s FileCatalyst workflow, potentially leading to remote code execution. The directory traversal vulnerability is tracked as CVE-2024-25153 and has a critical rating of 9.8. X version of the software.
eSecurity Planet
JANUARY 22, 2024
Make sure your security teams are regularly checking vendors’ software and hardware updates for any patches, and keep a particular eye on networking equipment. January 16, 2024 Open-Source UEFI Implementation Sees 9 Vulnerabilities Type of vulnerability: Weaknesses in the network boot process of UEFI’s network implementation.
Thales Cloud Protection & Licensing
SEPTEMBER 18, 2023
Compliance madhav Tue, 09/19/2023 - 05:17 It is essential for any business that stores, processes, and transmits payment card information to comply with the Payment Card Industry Data Security Standard (PCI DSS). Consumers’ payment data is a compelling target for criminals who continue to circumvent IT security defenses.
eSecurity Planet
APRIL 12, 2024
Proofpoint’s 2024 data loss landscape report reveals 84.7% Sample access restriction from SolarWinds’ access rights management dashboard Encrypt Data This practice entails using data encryption tools to keep sensitive data confidential and safe from illegal access or exploitation, even if the device is lost or stolen.
eSecurity Planet
FEBRUARY 16, 2024
Despite initial suspicions, encrypted communications with specific keys linked the attacks to the previous ones, indicating an organized effort. In February 2024, the CISA, NSA, and FBI warned of PRC cyber actors pre-positioning themselves again to disrupt the IT networks of U.S. Want to strengthen your organization’s digital defenses?
Expert insights. Personalized for you.
109 
Let's personalize your content