March 21, 2023 - Cyber Security News

Ping Identity debuts decentralized access management system in early access

Ping Identity, a Colorado-based IAM software vendor, is making a new product, PingOne Neo, available in a limited early access program. PingOne Neo is designed...

March 21, 2023

News

As critical Microsoft vulnerabilities drop, attackers may adopt new techniques

While the total number of recorded Microsoft vulnerabilities was higher in 2022 than ever before, the number of critical vulnerabilities declined to its lowest point,...

March 21, 2023

Advisories

reposurgeon-4.35-1.fc38

FEDORA-2023-76d18cf2fa Packages in this update: reposurgeon-4.35-1.fc38 Update description: 4.35: 2023-03-21 Document an importand gotcha about working with CVS. Clean up some annoyances in the build...

March 21, 2023

News

BrandPost: Stop the Sprawl: How Vendor Consolidation Can Reduce Security Risks in the Cloud

Managing multiple security vendors is proving to be a significant challenge for organizations, leading to difficulties in integration, visibility, and control. Recent surveys and reports...

March 21, 2023

Advisories

Realtek Jungle SDK Vulnerability (CVE-2021-35394) Still Actively being Exploited in the Wild

FortiGuard Labs has observed threat actors continuing to exploit an arbitrary command injection vulnerability in Realtek Jungle SDK (CVE-2021-35394). Successful exploitation of this vulnerability allows...

March 21, 2023

Advisories

CVE-2022-38458

A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted man-in-the-middle attack can lead to a disclosure...

March 21, 2023

Advisories

CVE-2022-38452

A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary...

March 21, 2023

Advisories

CVE-2022-37337

A command execution vulnerability exists in the access control functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted HTTP request can lead to arbitrary command...

March 21, 2023

Advisories

CVE-2022-36429

A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary...

March 21, 2023

Advisories

CVE-2018-25082

A vulnerability was found in zwczou WeChat SDK Python 0.3.0 and classified as critical. This issue affects the function validate/to_xml. The manipulation leads to xml...

March 21, 2023

AI Threat to Escalate in 2025, Google Cloud Warns

Lazarus Group Uses Extended Attributes for Code Smuggling in macOS

Mapping License Plate Scanners in the US

Amazon MOVEit Leaker Claims to Be Ethical Hacker

Microsoft Fixes Four More Zero-Days in November Patch Tuesday

Fake Job Ads and Fake Identities: How North Korea Gets Its Hands on Our Data

Microsoft Patch Tuesday, November 2024 Edition

The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence?

TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware

Day: March 21, 2023

Ping Identity debuts decentralized access management system in early access

As critical Microsoft vulnerabilities drop, attackers may adopt new techniques

reposurgeon-4.35-1.fc38

BrandPost: Stop the Sprawl: How Vendor Consolidation Can Reduce Security Risks in the Cloud

Realtek Jungle SDK Vulnerability (CVE-2021-35394) Still Actively being Exploited in the Wild

CVE-2022-38458

CVE-2022-38452

CVE-2022-37337

CVE-2022-36429

CVE-2018-25082