Skip to content

Google Proposes More Transparent Vulnerability Management Practices “A Guide to Creating a Successful Online Business” “How to Build a Profitable Digital Enterprise”

Google today published a white paper calling on vendors to provide more transparency into their vulnerability management practices. A longtime supporter of collaboration on bug disclosure and patching, the internet giant believes that the endless ‘doom loop’ of vulnerability patching is exhausting defenders and users. In addition, the tools created in response to novel attack… 

Read More »Google Proposes More Transparent Vulnerability Management Practices

“A Guide to Creating a Successful Online Business”

“How to Build a Profitable Digital Enterprise”

Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security Data “5 Ways to Create a Successful Online Business” “Five Strategies for Building a Profitable Online Venture”

Video surveillance giant Hikvision this week informed customers that it has patched a critical vulnerability affecting its Hybrid SAN and cluster storage products. The vulnerability, tracked as CVE-2023-28808, has been described by the vendor as an access control issue that can be exploited to obtain administrator permissions by sending specially crafted messages to the targeted… 

Read More »Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security Data

“5 Ways to Create a Successful Online Business”

“Five Strategies for Building a Profitable Online Venture”

Microsoft fixes a zero-day – and two curious bugs that take the Secure out of Secure Boot – Naked Security

It’s Patch Tuesday Week, and Microsoft’s updates include fixes for a number of security holes that the company has dubbed Critical, along with a zero-day fix, although the 0-day only gets a rating of Important. Among the Critical bugs are CVE-2023-21554, an RCE hole in the Microsoft Message Queue system, and CVE-2023-28231, an RCE hole… 

Read More »Microsoft fixes a zero-day – and two curious bugs that take the Secure out of Secure Boot – Naked Security

Fortinet Patches Critical Vulnerability in Data Analytics Solution “How to Make the Most of Your Time Management Skills” “Maximizing Your Time Management Abilities”

Fortinet, a cybersecurity solutions provider, this week released security updates to address several high-severity vulnerabilities in multiple products, including a critical missing authentication vulnerability in the FortiPresence infrastructure server. This vulnerability, tracked as CVE-2022-41331, can be exploited by a remote, unauthenticated attacker to gain access to Redis and MongoDB instances. In addition to FortiPresence, Fortinet… 

Read More »Fortinet Patches Critical Vulnerability in Data Analytics Solution

“How to Make the Most of Your Time Management Skills”

“Maximizing Your Time Management Abilities”

Sophos Patches Critical Code Execution Vulnerability in Web Security Appliance “How to Improve Your Writing Skills” “Boosting Your Writing Abilities”

This week, Sophos announced security updates that address several vulnerabilities in its Sophos Web Appliance. The most serious of these is a critical bug that could lead to code execution. Sophos Web Appliance is a web security solution that enables administrators to create, enforce and manage web access policies from a single interface. According to… 

Read More »Sophos Patches Critical Code Execution Vulnerability in Web Security Appliance

“How to Improve Your Writing Skills”

“Boosting Your Writing Abilities”