Patch

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now – Go Health Pro

by
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now – Go Health Pro

Feb 18, 2025Ravie LakshmananVulnerability / Network Security Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below – CVE-2025-26465 … Read more

Microsoft Patch Tuesday, February 2025 Edition – Krebs on Security – Go Health Pro

by
Microsoft Patch Tuesday, February 2025 Edition – Krebs on Security – Go Health Pro

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries the catchy name CVE-2025-21418. This patch should be a … Read more

Emergency patch issued for Ivanti Connect Secure VPN flaw under attack – Go Health Pro

by
Emergency patch issued for Ivanti Connect Secure VPN flaw under attack – Go Health Pro

An unpatched vulnerability in the Ivanti Connect Secure VPN has been under active attack. Researchers with Google’s Mandiant Cloud security team said that one or more threat actors are currently exploiting CVE-2025-0282 for remote takeover attacks on targeted networks. The flaw, originally exploited as a zero-day vulnerability, has since been given an emergency patch and … Read more

Patch Tuesday, December 2024 Edition – Krebs on Security – Go Health Pro

by
Microsoft Patch Tuesday, February 2025 Edition – Krebs on Security – Go Health Pro

Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common Log File System (CLFS) driver — used by applications to write transaction logs — that … Read more

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP – Go Health Pro

by
Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP – Go Health Pro

Nov 28, 2024Ravie LakshmananIoT Security / Vulnerability Nearly two dozen security vulnerabilities have been disclosed in Advantech EKI industrial-grade wireless access point devices, some of which could be weaponized to bypass authentication and execute code with elevated privileges. “These vulnerabilities pose significant risks, allowing unauthenticated remote code execution with root privileges, thereby fully compromising the … Read more

x