SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is
Jenkins Security Advisory 2024-08-07 CVE-2024-43044 CVE-2024-43045
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software
Chinese APT40 hackers hijack SOHO routers to launch attacks
An advisory by CISA and multiple international cybersecurity agencies highlights the tactics, techniques, and procedures (TTPs) of APT40 (aka
Critical GitLab bug lets attackers run pipelines as any user
A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user.
Microsoft Office 365 Message Encryption Insecure Mode of Operation | WithSecure™ Labs
Microsoft Office 365 Message Encryption (OME) utilitises Electronic Codebook (ECB) mode of operation. This mode is insecure and leaks information about the structure of the messages sent and can lead to partial or full message disclosure.
Microsoft Office 365 Message Encryption Insecure Mode of Operation | WithSecure™ Labs
Microsoft Office 365 Message Encryption (OME) utilitises Electronic Codebook (ECB) mode of operation. This mode is insecure and leaks information about the structure of the messages sent and can lead to partial or full message disclosure.