Security pros say while Ivanti has been transparent, the incidents over the past several weeks show how relentless attackers are in continuing to look for exploitable bugs.
Fortinet has reported that its FortiSIEM solution is impacted by two new vulnerabilities that circumvent fixes issued for a critical remote code execution flaw, tracked as CVE-2023-34992, after mistakenly disclosing the newly identified issues as duplicates of the older bug, according to BleepingComputer.
AnyDesk has emphasized the safety of all its remote monitoring software versions obtained from legitimate sources, as well as noted the lack of any evidence suggesting any customer data compromise following a cyberattack last week, which it said only affected relay servers in Spain and Portugal, according to The Record, a news site by cybersecurity firm Recorded Future.
Microsoft Azure HDInsight has been identified to have its third-party Apache Hadoop, Kafka, and Spark services affected by three security flaws, which stem from Apache Ambari and Oozie software and have already been remediated by Microsoft in updates issued in October, The Hacker News reports.
In the Security News: - Shim Shady, Up Shims Creek, whatever you want to call it, there’s a vulnerability affecting pretty much all Linux distributions (and other operating systems as well), when your toothbrush attacks the Internet, or some claim, glibc has some vulnerabilities, not all got a CVE, and one is for the algorithm lovers, Google shows ...
Mexico has been subjected to attacks with a new variant of the Mispadu banking trojan that involved the exploitation of a high-severity Windows SmartScreen vulnerability patched by Microsoft in November, according to The Hacker News.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.