High-Risk Vulnerabilities in ConnectWise ScreenConnect
On February 19, 2024 ConnectWise disclosed two vulnerabilities in their ScreenConnect remote access software. Both vulnerabilities affect ScreenConnect 23.9.7 and earlier. ConnectWise has indicated they have confirmed compromises arising from exploitation of these vulnerabilities.
Zero-Day Exploitation of Ivanti Connect Secure and Policy Secure Gateways
On Wednesday, January 10, 2024, Ivanti disclosed two zero-day vulnerabilities affecting their Ivanti Connect Secure and Ivanti Policy Secure gateways. Learn about the avisory and get mitigation guidance.
Why Your AWS Cloud Container Needs Client-Side Security
With increasingly complicated network infrastructure and organizations needing to deploy applications across various environments, cloud containers are necessary for companies to stay agile and innovative.
The pending update to the Common Common Vulnerability Scoring System (CVSS), version 4.0, has garnered a noticeable volume of articles, blog posts and watercooler (now known as Slack and Zoom) air time. Reaction from the community has been positive. Learn more.
Poorly Purged Medical Devices Present Security Concerns After Sale on Secondary Market
A new report released today by Rapid7 principal researcher, Deral Heiland points out, even when organizations are able to take steps to mitigate concerns at the grave portion of the life cycle, they don’t.