SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.
The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek.
In Other News: US Army Hacks Buildings, X Hiring Cybersecurity Staff, Bitcoin ATM Scams
Noteworthy stories that might have slipped under the radar: US Special Forces can hack buildings, X is hiring cybersecurity staff, and FTC warns of Bitcoin ATM scams.
The post In Other News: US Army Hacks Buildings, X Hiring Cybersecurity Staff, Bitcoin ATM Scams appeared first on SecurityWeek.
Apache Makes Another Attempt at Patching Exploited RCE in OFBiz
The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks.
The post Apache Makes Another Attempt at Patching Exploited RCE in OFBiz appeared first on SecurityWeek.
Cybersecurity M&A Roundup: 36 Deals Announced in August 2024
Roundup of the three dozen cybersecurity-related merger and acquisition (M&A) deals announced in August 2024.
The post Cybersecurity M&A Roundup: 36 Deals Announced in August 2024 appeared first on SecurityWeek.
Veeam Patches Critical Vulnerabilities in Enterprise Products
Veeam has released patches for critical-severity vulnerabilities in Backup & Replication, ONE, and Service Provider Console.
The post Veeam Patches Critical Vulnerabilities in Enterprise Products appeared first on SecurityWeek.
LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks
A vulnerability in the LiteSpeed Cache WordPress plugin leads to the exposure of sensitive information, including user cookies.
The post LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks appeared first on SecurityWeek.
CISA Responds After Disclosure of Controversial ‘Airport Security Bypass’ Vulnerability
Researchers and the TSA have different views on the impact of vulnerabilities in an application related to airport security systems.
The post CISA Responds After Disclosure of Controversial ‘Airport Security Bypass’ Vulnerability appeared first on SecurityWeek.
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025
The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards. The upward trend is set to continue, with even faster growth expected in the future. However,
Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts.
The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1.
“The plugin suffers from an
The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1.
“The plugin suffers from an
Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution
A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows.
The high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5), affects all versions of the software before 18.12.16.
The high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5), affects all versions of the software before 18.12.16.
“An attacker with no valid