PravinKarthik

GitHub fixes Critical Vulnerability CVE-2024-9487

GitHub has released security updates to address two vulnerabilities in GitHub Enterprise Server, one of which could allow attackers to bypass authentication and gain unauthorized access. The critical vulnerability tracked…

PravinKarthik October 15, 2024

Trinity Ransomware Dissection

The U.S. Department of HHS has warned about a relatively new threat actor dubbed as Trinity ransomware that known for employing a double extortion strategy. Initially seen around May 2024,…

PravinKarthik October 15, 2024

Splunk Security Advisory-October 2024

Splunk has released a slew of security updates to address multiple vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These vulnerabilities range in severity, with some enabling remote code execution…

PravinKarthik October 15, 2024

Apache Roller Vulnerability CVE-2024-46911

The Apache Software Foundation has released a security update for Apache Roller The vulnerability, tracked as CVE-2024-46911, a critical Cross-site Request Forgery (CSRF) vulnerability that could allow attackers to escalate…

PravinKarthik October 14, 2024

Apache Avro vulnerability CVE-2024-47561

Apache project releases patch for a vulnerability tracked as CVE-2024-47561, that impacts all versions of the software prior to 1.11.4. Apache Avro is a data serialization framework developed as part of…

PravinKarthik October 14, 2024

CISA releases VDP platform Annual report for 2023

The U.S. CISA has released its 2023 Annual Report for the Vulnerability Disclosure Policy (VDP) Platform. Over the past year, the agency concentrated on promoting greater adoption of the VDP…

PravinKarthik October 13, 2024

Veeam Backup flaw CVE-2024-40711 used in ransomware campaigns

Security agencies were alerting about the mass exploitation of a critical Veeam backup and replication vulnerability by ransomware groups. The vulnerability tracked as CVE-2024-40711 with a CVSS score of 9.8,…

PravinKarthik October 12, 2024