All but the latest version of the SolarWinds Web Help Desk software, used by healthcare and government organizations as well as corporations for optimizing help desk tasks, are affected by the security issue, tracked as CVE-2024-28986.
The CrowdStrike incident highlighted the dangers of auto-updates – here’s how to set up a test lab for a patching strategy that will keep the organization safe.
Intrusions exploiting the flaw, which has been patched but not detailed as part of the June Patch Tuesday update, could be launched remotely by attackers who have obtained interactions from targeted users, according to Microsoft.
Managing vulnerabilities is a large, complex problem that can't be completely fixed. And still, many cybersecurity organizations continue with a traditional approach that attempts to address all vulnerabilities, spreading staff too thin and increasing exploitation windows. With a small set of vulnerabilities being the cause of most of the breaching...
Most serious of the identified vulnerabilities was the high-severity flaw CVE-2024-33892, which could be exploited to enable cookie-based information exposure, an analysis from SySS GmbH researchers presented at this year's DEF CON security conference revealed.