vulnerabilities archivos - CISO2CISO.COM & CYBER SECURITY GROUP

vulnerabilities

Asana’s MCP AI connector could have exposed corporate data, CSOs warned – Source: www.csoonline.com

Asana’s MCP AI connector could have exposed corporate data, CSOs warned – Source: www.csoonline.com

securityweek.com

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products – Source: www.securityweek.com

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products – Source: www.securityweek.com

GitHub Actions attack renders even security-aware orgs vulnerable – Source: www.csoonline.com

GitHub Actions attack renders even security-aware orgs vulnerable – Source: www.csoonline.com

securityweek.com

Zyxel Firewall Vulnerability Again in Attacker Crosshairs – Source: www.securityweek.com

Zyxel Firewall Vulnerability Again in Attacker Crosshairs – Source: www.securityweek.com

Sicherheitsrisiko bei Salesforce Industry Cloud – Source: www.csoonline.com

Sicherheitsrisiko bei Salesforce Industry Cloud – Source: www.csoonline.com

‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover – Source: www.csoonline.com

‘Grafana Ghost’ XSS flaw exposes 47,000 servers to account takeover – Source: www.csoonline.com

Salesforce Industry Cloud riddled with configuration risks – Source: www.csoonline.com

Salesforce Industry Cloud riddled with configuration risks – Source: www.csoonline.com

securityweek.com

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking – Source: www.securityweek.com

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking – Source: www.securityweek.com

Security Boulevard

Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks – Source: securityboulevard.com

Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks – Source: securityboulevard.com

Ungepatchte Lücken ermöglichen Übernahme von GitLab-Konten – Source: www.csoonline.com

Ungepatchte Lücken ermöglichen Übernahme von GitLab-Konten – Source: www.csoonline.com

‘Dangerous’ vulnerability in GitLab Ultimate Enterprise Edition – Source: www.csoonline.com

‘Dangerous’ vulnerability in GitLab Ultimate Enterprise Edition – Source: www.csoonline.com

Unpatched holes could allow takeover of GitLab accounts – Source: www.csoonline.com

Unpatched holes could allow takeover of GitLab accounts – Source: www.csoonline.com

First-ever zero-click attack targets Microsoft 365 Copilot – Source: www.csoonline.com

First-ever zero-click attack targets Microsoft 365 Copilot – Source: www.csoonline.com

June Patch Tuesday advice for CSOs: Defense-in-depth needed to stop RCEs – Source: www.csoonline.com

June Patch Tuesday advice for CSOs: Defense-in-depth needed to stop RCEs – Source: www.csoonline.com

securityweek.com

Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape – Source: www.securityweek.com

Webinar Today: Rethinking Endpoint Hardening for Today’s Attack Landscape – Source: www.securityweek.com

Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw – Source: www.csoonline.com

Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw – Source: www.csoonline.com

New AI tool targets critical hole in thousands of open source apps – Source: www.infoworld.com

New AI tool targets critical hole in thousands of open source apps – Source: www.infoworld.com

Cloud assets have 115 vulnerabilities on average — some several years old – Source: www.csoonline.com

Cloud assets have 115 vulnerabilities on average — some several years old – Source: www.csoonline.com

Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 – Source: securelist.com

Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721 – Source: securelist.com

Cisco Wireless LAN Controllers under threat again after critical exploit details go public – Source: www.csoonline.com

Cisco Wireless LAN Controllers under threat again after critical exploit details go public – Source:...

The high cost of misconfigured DevOps tools: Global cryptojacking hits enterprises – Source: www.csoonline.com

The high cost of misconfigured DevOps tools: Global cryptojacking hits enterprises – Source: www.csoonline.com

securityweek.com

Google Researchers Find New Chrome Zero-Day – Source: www.securityweek.com

Google Researchers Find New Chrome Zero-Day – Source: www.securityweek.com

Schneier on Security

New Linux Vulnerabilities – Source: www.schneier.com

New Linux Vulnerabilities – Source: www.schneier.com

New botnet hijacks AI-powered security tool on Asus routers – Source: www.csoonline.com

New botnet hijacks AI-powered security tool on Asus routers – Source: www.csoonline.com

Microsoft Entra’s billing roles pose privilege escalation risks in Azure – Source: www.csoonline.com

Microsoft Entra’s billing roles pose privilege escalation risks in Azure – Source: www.csoonline.com

securityweek.com

Vulnerabilities in CISA KEV Are Not Equally Critical: Report – Source: www.securityweek.com

Vulnerabilities in CISA KEV Are Not Equally Critical: Report – Source: www.securityweek.com

If you use OneDrive to upload files to ChatGPT or Zoom, don’t – Source: www.csoonline.com

If you use OneDrive to upload files to ChatGPT or Zoom, don’t – Source: www.csoonline.com

Security Boulevard

RSA and Bitcoin at BIG Risk from Quantum Compute – Source: securityboulevard.com

RSA and Bitcoin at BIG Risk from Quantum Compute – Source: securityboulevard.com

securityweek.com

Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw – Source: www.securityweek.com

Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw – Source: www.securityweek.com

Beijing may have breached US government systems before Cityworks plugged a critical flaw – Source: www.csoonline.com

Beijing may have breached US government systems before Cityworks plugged a critical flaw – Source:...

MORE RESOURCES

CISO Strategics

cyber operations & soc

red - blue & purple teams

THREAT INTELLIGENCE

VULNERABILITIES

CYBER ATTACKS

DATA BREACH

MALLWARE

RANSOMWARE

DDOS ATTACKS

CLOUD SECURITY

IOT SECURITY

hacking

CISO
STRATEGICS

CYBER
ARCHITECTURE

SOC CSIRT
OPERATIONS

CYBERSECURITY
TOOLS

CYBERSECURITY
VENDORS

CYBERSECURITY
MSSP

Accenture
Attos
AT&T Cybersecurity
BT Security
BASE 4 - Hispam
Deloitte
Entelgy Security
KPMG
NTT Security
Novared - Hispam
Neosecure - Hispam
Orange Cyberdefense
PwC
Telefonica Tech
Thales
Verizon Security