Citrix Issues Critical Patches for 11 New Flaws Affecting Multiple Products – Tempemail

Citrix yesterday issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WAN Optimization edition (WANOP) networking products. Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection, information disclosure, and even denial-of-service attacks against

Critical Apache Guacamole Flaws Put Remote Desktops at Risk of Hacking – Tempemail

New research has uncovered multiple critical reverse RDP vulnerabilities in Apache Guacamole, a popular remote desktop application used by system administrators to access and manage Windows and Linux machines remotely. The reported flaws could potentially let bad actors achieve full control over the Guacamole server, intercept, and control all

Microsoft Releases Urgent Windows Update to Patch Two Critical Flaws – Tempemail

Microsoft yesterday quietly released out-of-band software updates to patch two high-risk security vulnerabilities affecting hundreds of millions of users of Windows 10 and Server editions. Notably, Microsoft rushed to deliver the patches almost two weeks before the upcoming monthly ‘Patch Tuesday Updates’ scheduled for 14th July. That’s likely because both

New Critical Flaws Put Billions of Internet-Connected Devices at Risk of Hacking – Tempemail

The Department of Homeland Security and CISA ICS-CERT will today issue a critical security advisory warning about over a dozen newly discovered vulnerabilities affecting billions of Internet-connected devices manufactured by over 500 vendors across the globe. Dubbed “Ripple20,” the set of 19 vulnerabilities resides in a low-level TCP/IP software library

Oracle E-Business Suite Flaws Let Hackers Hijack Business Operations – Tempemail

If your business operations and the security of sensitive data rely on Oracle’s E-Business Suite (EBS), make sure you have recently updated and are running the latest available version of the software. In a report released by enterprise cybersecurity firm Onapsis and shared with The Hacker News, the firm today disclosed technical

Two Critical Flaws in Zoom Could’ve Let Attackers Hack Systems via Chat – Tempemail

If you’re using Zoom—especially during this challenging time to cope with your schooling, business, or social engagement—make sure you are running the latest version of the widely popular video conferencing software on your Windows, macOS, or Linux computers. No, it’s not about the arrival of the most-awaited “real” end-to-end encryption

Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers – Tempemail

A new set of critical vulnerabilities uncovered in SAP’s Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in Sybase Adaptive Server Enterprise (ASE), a relational database

Cisco servers compromised using SaltStack flaws – Networking – Security – Tempemail

Cisco has revealed that six servers it operates in conjunction with earlier versions of its virtual internet routing lab personal edition (VIRL-PE) product were compromised following the disclosure of critical vulnerabilities in SaltStack. Finnish security vendor F-Secure said earlier this month that critical vulnerabilities in SaltStack digital infrastructure automation systems

Unfixable Thunderbolt flaws bypass computer access security – Hardware – Security – Tempemail

A Dutch master’s student has found vulnerabilities in the Thunderbolt input/output port hardware design that let attackers fully bypass computer access security measures such as Secure Boot, login passwords and full-disk encryption. Physical access to computers is required, however, to perform the attack that MSc student Björn Ruytenberg named Thunderspy.

7 New Flaws Affect All Thunderbolt-equipped Computers Sold in the Last 9 Years – Tempemail

A cybersecurity researcher today uncovered a set of 7 new unpatchable hardware vulnerabilities that affect all desktops and laptops sold in the past 9 years with Thunderbolt, or Thunderbolt-compatible USB-C ports. Collectively dubbed ‘ThunderSpy,’ the vulnerabilities can be exploited in 9 realistic evil-maid attack scenarios, primarily to steal data or