Fortinet has released patches for a critical-severity path traversal vulnerability in FortiWLM that was reported last year.
The post Fortinet Patches Critical FortiWLM Vulnerability appeared first on SecurityWeek.
SandboxAQ Raises $300 Million at $5.3 Billion Valuation
Alphabet spinoff SandboxAQ has announced raising $300 million in funding at a valuation of $5.3 billion.
The post SandboxAQ Raises $300 Million at $5.3 Billion Valuation appeared first on SecurityWeek.
Chrome 131 Update Patches High-Severity Memory Safety Bugs
Google has released a Chrome 131 update to patch multiple high-severity memory safety vulnerabilities, including three affecting the V8 JavaScript engine.
The post Chrome 131 Update Patches High-Severity Memory Safety Bugs appeared first on SecurityWeek.
Juniper Warns of Mirai Botnet Targeting Session Smart Routers
Juniper Networks says a Mirai botnet is ensnaring session smart router devices that are using default passwords.
The post Juniper Warns of Mirai Botnet Targeting Session Smart Routers appeared first on SecurityWeek.
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information.
The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0.
“A relative path traversal [CWE-23] in FortiWLM may allow a remote unauthenticated attacker to read sensitive files,” the
The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0.
“A relative path traversal [CWE-23] in FortiWLM may allow a remote unauthenticated attacker to read sensitive files,” the
CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications (SCuBA) secure configuration baselines.
“Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls,
“Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls,
Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency
The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020.
An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy statement about what it does with the data
An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy statement about what it does with the data
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless.
Users who visit the
Users who visit the
Ongoing phishing attack abuses Google Calendar to bypass spam filters
An ongoing phishing scam is abusing Google Calendar invites and Google Drawings pages to steal credentials while bypassing spam filters. […]
Raccoon Stealer malware operator gets 5 years in prison after guilty plea
Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. […]