For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700. None of the vulnerabilities fixed this time aroundare under active exploitation or have been previously publicly disclosed. The critical…
Tag: Help Net Security
SpecterOps adds new Attack Paths to BloodHound Enterprise
SpecterOps announced updates to BloodHound Enterprise (BHE) that add new Attack Paths focused on Active Directory Certificate Services (ADCS). These updates make BHE the most advanced tool on the market today for securing ADCS. ADCS is the Public Key Infrastructure…
Critical Start Asset Visibility helps customers become more proactive within their security program
Critical Start launched their Asset Visibility offering. As part of an MCRR strategy, Asset Visibility helps customers become more proactive within their security program, helping them uncover assets that need protection, validate that the expected endpoint security controls are in…
Attackers could use vulnerabilities in Bosch Rexroth nutrunners to disrupt automotive production
Researchers have discovered over two dozen vulnerabilities in “smart” cordless nutrunners (i.e., pneumatic torque wrenches) manufactured by Bosch Rexroth that could be exploited to make the devices inoperable or their output unreliable. “Depending on a manufacturer’s use and business configuration,…
ID R&D introduces voice clone detection to protect users against audio deepfakes
ID R&D introduced voice clone detection as a new option for its IDLive Voice liveness detection product. Detecting voice clones and audio deepfakes can prevent fraud and crime, deter bad actors, and help preserve trust in the authenticity of digital…
Silex Technology AMC Protect improves cybersecurity for critical devices
Silex Technology announced their new protection service product offering called AMC Protect, a robust software management service designed to monitor and remedy vulnerabilities. AMC Protect targets customers utilizing Silex’s embedded wireless LAN modules or purchasing Silex’s OEM products. “We have…
Delinea acquires Authomize to help organizations reduce identity-related risk
Delinea announced it has acquired Authomize, an innovator in the detection and elimination of identity-based threats across the cloud. The continuous discovery and visibility capabilities of Authomize, married with Delinea’s SaaS solutions for PAM, will extend the Delinea Platform’s reach…
Viavi enhances Observer Platform to maximize network availability, productivity and compliance
Viavi Solutions announced significant enhancements to the Observer Platform allowing IT teams to further maximize network availability, productivity and compliance. The enhancements include critical new capabilities in End-User Experience (EUE) scoring, digital certificate analysis, application identification, Unified Communications (UC) support,…
SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448)
A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information disclosure and potentially remote code execution. Cacti is often used in network operation centers of telecoms and web hosting…
Zyxel unveils new cloud-managed switches for small businesses and professional home users
Zyxel Networks launched the XMG1915 series – a family of smart managed switches designed to provide small businesses and professional home users (prosumers) with the throughput and versatility needed to support today’s high bandwidth applications and services. With the growth…