vulnerability
-
Blog
Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs
Volt Typhoon, a Chinese state-sponsored hacking group, has been caught exploiting a zero-day vulnerability in Versa Director servers, used by managed service providers and internet service providers. CVE-2024-39717 was added to CISA’s “Known Exploited Vulnerabilities Catalog” on Aug. 23 after Lumen Technologies discovered its active exploitation. Data from Censys shows that there are 163 devices in the U.S., Philippines, Shanghai,…
Read More » -
Blog
Versa fixes Director zero-day vulnerability exploited in attacks
Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. Versa Director is a platform designed to help managed service providers simplify the design, automation, and delivery of SASE services, offering essential management, monitoring, and orchestration for Versa SASE’s networking…
Read More » -
Blog
New Windows Vulnerability Impacts PCs With IPv6
Security updates are an important way to keep your devices safe, and if you have a Windows PC, you’ll definitely want to install any available updates. Microsoft is now patching a significant vulnerability caused by the IPv6 stack in Windows. Microsoft has confirmed a critical vulnerability in its TCP/IP protocol that could allow remote attackers to execute code on all…
Read More » -
Blog
NetSuite vulnerability could leave thousands of websites exposed
Researchers have warned of a new vulnerability in NetSuite’s SuiteCommerce tool that could expose sensitive data. Stemming from misconfigured access controls, the vulnerability leaves sensitive personally identifiable information (PII) exposed, including the full addresses and mobile phone numbers of customers The vulnerability has already left several thousand live SuiteCommerce websites vulnerable and the extent of potential damage could be far-reaching.…
Read More » -
Blog
New Windows vulnerability could repeatedly trigger the blue screen of death on millions of devices
A new Windows vulnerability could be exploited by attackers to generate an unrecoverable inconsistency and repeatedly crash affected systems, researchers have warned. Ricardo Narvaja, principal exploit writer at cybersecurity and automation software company Fortra, uncovered a vulnerability in the common log file system (CLFS.sys) driver of Windows. Disclosed by Fortra on 12 August, CVE-2024-6768 is said to have been caused…
Read More » -
Blog
Microsoft warns of serious vulnerability in Office – Computerworld
Microsoft is urging all users of Office and Microsoft 365 to update the software as soon as possible, because hackers have started exploiting a serious vulnerability to access sensitive information on computers. To be fully protected against the vulnerability, designated CVE-2024-38200, users need to install a security fix that will be released to the public on Aug. 13, this month’s…
Read More »