Latest Posts – Vulnerability Management
- Vulnerability Management Lifecycle – Cyber Security EssentialsVulnerability Management Lifecycle Vulnerability management is an essential part of any organization’s security posture. It involves the identification, assessment, and remediation of vulnerabilities in systems, applications, and other assets to minimize the risk of exploitation by malicious actors. The vulnerability management life cycle consists of several stages that work together to ensure that vulnerabilities are …
Vulnerability Management Lifecycle – Cyber Security Essentials Read More »
- What is Zero Day? – Vulnerability – Definition on Security Terms
What is a Zero Day Vulnerability? Zero Day as a term is used to define vulnerabilities that have been found to be exploited in the Wild, when it was discovered by “friendly” and informed to the vendor of the affected software or program or in some cases to the general public. “Friendly” has been used …What is Zero Day? – Vulnerability – Definition on Security Terms Read More »
- New Zero Day: CVE-2023-21823, Zero-day vulnerability in WindowsBuffer overflow Zero Day Released – 2023-02-14 Patch Released – 2023-02-14 Description: The vulnerability allows a local user to escalate privileges on the system. The vulnerability exists due to a boundary error within the Windows Graphics Component. A local user can trigger memory corruption and execute arbitrary code with SYSTEM privileges. Note, the vulnerability is …
New Zero Day: CVE-2023-21823, Zero-day vulnerability in Windows Read More »
- New Zero Day: CVE-2023-21715, Zero-day vulnerability in Microsoft PublisherSecurity features bypass Zero Day Released – 2023-02-14 Patch Released – 2023-02-14 Description: The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to unspecified error when processing files. A remote attacker can trick the victim to open a specially crafted file, bypass Office macro policies used to block untrusted …
New Zero Day: CVE-2023-21715, Zero-day vulnerability in Microsoft Publisher Read More »
- New Zero Day: CVE-2023-23376, Zero-day vulnerability in WindowsZero Day Released – 2023-02-14 Patch Released – 2023-02-14 Description: The vulnerability allows a local user to escalate privileges on the system. The vulnerability exists due to a boundary error in Windows Common Log File System Driver. A local user can trigger memory corruption and execute arbitrary code with SYSTEM privileges. Note, the vulnerability is …
New Zero Day: CVE-2023-23376, Zero-day vulnerability in Windows Read More »
- New Zero Day: CVE-2023-23529, Zero-day vulnerability in Apple iOSApple has released a security advisory for the latest zero day vulnerability in its iOS system.The Vulnerability was released on 13th February 2023 and has been assigned the CVE, CVE-2023-23529. The Vulnerable component is Apple iOS Associated CWE CWE-843 – Access of Resource Using Incompatible Type (‘Type Confusion’) CWE-843 is a weakness in software security …
New Zero Day: CVE-2023-23529, Zero-day vulnerability in Apple iOS Read More »
- New Zero Day: CVE-2023-0669, Deserialization of Untrusted DataA new Zero Day Vulnerability has been found in GoAnywhere MFT. GoAnywhere is a popular file transfer application.