The Information Highway

Windows Server 2025 previews security updates without restarts

Microsoft announced today that Hotpatching is now available in public preview for Windows Server 2025, allowing installation of security updates without restarting.

GitLab releases fix for critical SAML authentication bypass flaw

GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE).

Veeam warns of critical RCE flaw in Backup & Replication software

Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and ONE.

Fortinet FortiClientEMS critical vulnerability

Threat update

Fortinet has released security updates for an unauthorized code execution vulnerability impacting its FortiClientEMS (Endpoint Management Server) product. The vulnerability, CVE-2023-48788, allows unauthenticated malicious actors to execute code or commands on the server via purposely crafted requests. This Cybersecurity Threat Advisory highlights various recommendations to mitigate the potential impact on your devices.

Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws

Today is Microsoft's February 2024 Patch Tuesday, which includes security updates for 73 flaws and two actively exploited zero-days.


Microsoft to let Windows 10 home users buy Extended Security Updates

Microsoft says that all Windows 10 customers (including home users) will be able to pay for three extra years of security updates through the company's Extended Security Updates (ESU) program after the end of support (EOS) date. 

Citrix warns admins to kill NetScaler user sessions to block hackers

Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks. 

Apple fixes iOS Kernel zero-day vulnerability on older iPhones

Apple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks. 

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023