Vulnerability Management

Most Recent

VMware ESXi Instances Remain Vulnerable to Auth Bypass Vuln

CRA News ServiceAugust 2, 2024

Over 20K internet-exposed VMware ESXi hypervisors are impacted by the actively exploited CVE-2024-37085.

patch presented in the form of binary code

Patch/Configuration Management

Chrome Update Adds Cookie Protection, Patches Vulns

CRA News ServiceAugust 1, 2024

Google issued a number of Chrome updates that protect cookies and patch vulnerabilities.

Bug Bounties

CISA: Patch Critical ServiceNow Bugs Immediately

CRA News ServiceJuly 31, 2024

CISA is urging organizations to patch critical ServiceNow bugs by August 19.

Vulnerability Management

Novel Google Cloud Vulnerability Poses Significant Compromise Possibility

CRA News ServiceJuly 25, 2024

Unauthorized access to other services and data could be achieved by threat actors through the exploitation of the new "ConfusedFunction" privilege escalation vulnerability in Google Cloud Platform's Cloud Functions service.

Channel markets

MSPs Come Together to Hasten CrowdStrike Outage Remediation

Sharon FlorentineJuly 19, 2024

MSPs are pulling together to help during the CrowdStrike outage. That's what community is all about.

Enterprise

CrowdStrike Confirms Faulty Update Tied to Massive Global IT Outage: ‘Fix has been deployed’

Dan RaywoodJuly 19, 2024

SC Magazine reported on the CrowdStrike update that sparked a worldwide IT outage.

Patch/Configuration Management

Cisco Issues Patch for Maximum Severity SSM On-Prem Vulnerability

CRA News ServiceJuly 18, 2024

Cisco has issued patches for a maximum severity flaw impacting its Smart Software Manager On-Prem license servers and older installations of SSM On-Prem, also known as Cisco Smart Software Manager Satellite.