Description of the security update for Microsoft Exchange Server 2019 and 2016: November 14, 2023 (KB5032146)

None Notice For Microsoft Exchange Server 2016 installations, see also KB 5032147 for additional information about issues that are fixed in this security update. This security update rollup resolve ...

Continue Reading
AI Solutions Are the New Shadow IT

Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are ...

Continue Reading
Mattermost Open Redirect Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an open redirect vulnerability that occurs when a user clicks "Back to ...

Continue Reading
Possible user mocking that bypasses basic authentication

Impact next-auth applications prior to version 4.24.5 that rely on the default Middleware authorization are affected. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issu ...

Continue Reading
grafana security and enhancement update

[9.2.10-7] - resolve RHEL-12649 - resolve CVE-2023-39325 CVE-2023-44487 rapid stream resets can cause excessive work - testing is turned off due to test failures caused by testing date mismatch [9.2.1 ...

Continue Reading
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access

Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate ...

Continue Reading
Mattermost Open Redirect vulnerability

Mattermost fails to properly check a redirect URL parameter allowing for anĀ open redirect was possible when the user clicked "Back to Mattermost" after providing a invalid custom ur ...

Continue Reading
Leaving Authentication Credentials in Public Code

Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm Gi ...

Continue Reading

Back to Main

Subscribe for the latest news: