Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
1509 Results
Feb: 2024: Real Phish Received at UCSF - Payroll Lure Harvesting Credentials
Picture of Actual Phish:
Picture of Actual Landi
Feb 2024: Deepfake Scam Imitating CFO
Threat Alert: Deepfake Scam Targeting Financial Transactions An employee attended a video conference call with seemingly authentic colleagues, all of whom were later revealed to be deepfake representations. The worker, initially suspicious of a phishing email, was convinced by the realistic appearance and voices of the deepfake participants during the video call. Subsequently, the employee authorized a large financial transaction, thinking it was a legitimate request initiated by the CFO.
Jan 2024: Policy Update Phishing Lures Bypass MFA
Threat Alert: Company Policy Phishing Lures Bypass MFA
Vulnerabilities in Various Red Hat Products in January 2024
Red Hat released multiple security updates in January for various Red Hat products. For a complete description of the vulnerabilities and affected systems go to: Red Hat Security Advisories.IT SecurityRead more about IT Security service offerings.
Vulnerabilities in Various Suse Products in January 2024
Suse released multiple security updates in January for various Suse products.For a complete description of the vulnerabilities and affected systems go to: Suse January 2024 Archives by date.IT Security
Vulnerabilities in Various Ubuntu Products in January 2024
Ubuntu released multiple security updates in January for various Ubuntu products.For a complete description of the vulnerabilities and affected systems go to: Ubuntu January 2024 Archives by date.IT Security
Critical Actively Exploited Vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways Patched
Ivanti has released security updates to address Critical Actively Exploited vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways. An attacker could exploit this vulnerability to take control of the affected system.
Critical Vulnerability in GitLab
GitLab released a security update to address a Critical vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). Unauthenticated attackers can exploit this vulnerability to write files to arbitrary locations on the GitLab server while creating a workspace.
High and Other Vulnerabilities Affecting Juniper Switches and Firewalls
Juniper Networks released security updates to address High and other vulnerabilities affecting the J-Web component of Junos OS on SRX series firewalls and EX series switches. A cyber threat actor could exploit the most severe of these vulnerabilities to craft a malicious URL that, when visited by a user, could lead to the execution of arbitrary commands with the permissions of the user, including those of an administrator.
Critical and Other Vulnerabilities in Multiple Jenkins Products
Jenkins has released security updates to address Critical and other vulnerabilities in multiple Jenkins products. An attacker could exploit these vulnerabilities to read arbitrary files on the controller file system.For a complete description of the vulnerabilities and affected systems go to: Jenkins Security Advisory 2024-01-24.