Threat and Vulnerability Management – Page 2

Effluence Backdoor Targeting Atlassian Confluence Vulnerabilities

Source- Kaspersky Researchers have discovered a new threat called Effluence, which is a backdoor that exploits recently discovered vulnerabilities in Atlassian Confluence Data Center and Server. The Effluence malware acts…

PravinKarthik November 11, 2023

FIRST Releases CVSS 4.0

The Forum of Incident Response and Security Teams (FIRST) has officially announced the release of version 4.0 of the Common Vulnerability Scoring System (CVSS), coming eight years after the previous version, CVSS…

PravinKarthik November 2, 2023

Sophos Firewall Information Disclosure Vulnerability – CVE-2023-5552

Researchers have discovered a vulnerability in the Sophos Firewall that could leads to a sensitive information disclosure. The vulnerability tracked as CVE-2023-5552 with a CVSS score of 7.1, identified in…

PravinKarthik October 23, 2023

Chae$4 Malaware targets financial institutions

Researchers have discovered a new and advanced variant of the Chaes malware targeting customers of financial and logistics companies in Latin America. The latest malware variant dubbed as Chae$4 and…

PravinKarthik September 6, 2023

IBM fixes several vulnerabilities in Sterling Secure Proxy.

IBM has fixed several vulnerabilities in IBM Sterling Secure Proxy, mostly related to denial of service and information disclosure. The severity of the vulnerability varies between 4.5 to 9.8 IBM…

PravinKarthik September 5, 2023

Splunk Fixes Several Vulnerabilities on Data Analytics Platform

Splunk has fixed several vulnerabilities in its data analytics platform. The vulnerabilities affect Splunk Enterprise and Splunk SOAR and could allow an attacker to execute arbitrary code, gain unauthorized access,…

PravinKarthik September 4, 2023

Apache Traffic Server Critical Vulnerabilities

Researchers have identified two critical security vulnerabilities in Apache Traffic Server that could allow attackers to cause denial of service attacks or bypass security restrictions. ATS plays a pivotal role…

PravinKarthik August 14, 2023

Microsoft Discloses Vulnerability Details in CODESYS

Microsoft has disclosed 15 high-severity vulnerabilities in a widely used collection of tools used to program operational devices inside industrial facilities. While exploiting the code-execution and denial-of-service vulnerabilities was difficult,…

PravinKarthik August 12, 2023