Google shares “fix” for deleted Google Drive files

Google shares “fix” for deleted Google Drive files

Google says it identified and fixed a bug causing customer files added to Google Drive after April-May 2023 to disappear. However, the fix isn’t working for all affected users. The Google Drive team linked the users’ data loss problems to a synchronization issue and said it only affected “a limited subset” using the desktop Drive app versions […]

Google shares “fix” for deleted Google Drive files Read More »

Outlook email sending issues for users with lots of folders

Outlook email sending issues for users with lots of folders

Microsoft has acknowledged a new issue affecting Outlook for Microsoft 365 users and causing email-sending problems for those with too many nested folders. According to Redmond, this is likely related to an older issue concerning mailboxes with more than 500 shared folders, a limit lifted in 2019. However, it seems that Microsoft failed to consider

Outlook email sending issues for users with lots of folders Read More »

Atlassian Releases Security Advisories for Multiple Products

Atlassian has released security updates to address vulnerabilities affecting multiple Atlassian products. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the necessary updates or mitigations. CVE-2023-22522 – RCE Vulnerability In Confluence Data Center and Confluence

Atlassian Releases Security Advisories for Multiple Products Read More »

23andMe updates user agreement to prevent data breach lawsuits

23andMe updates user agreement to prevent data breach lawsuits

As Genetic testing provider 23andMe faces multiple lawsuits for an October credential stuffing attack that led to the theft of customer data, the company has modified its Terms of Use to make it harder to sue the company. In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked

23andMe updates user agreement to prevent data breach lawsuits Read More »

Russian military hackers target NATO fast reaction corps

Russian military hackers target NATO fast reaction corps

Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks’ Unit 42 have observed them exploiting the CVE-2023-23397 vulnerability over roughly 20 months in three campaigns against at least 30 organizations across 14 nations deemed of probable strategic

Russian military hackers target NATO fast reaction corps Read More »

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog”

CISA Adds Two Known Exploited Vulnerabilities to Catalog Read More »

Schweitzer Engineering Laboratories SEL-411L | CISA

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schweitzer Engineering Laboratories Equipment: SEL-411L Vulnerability: Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability could expose authorized users to clickjacking attacks. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of the Schweitzer

Schweitzer Engineering Laboratories SEL-411L | CISA Read More »

CISA Releases Five Industrial Control Systems Advisories

CISA released five Industrial Control Systems (ICS) advisories on December 7, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.   CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. This content is being syndicated from Source link for documentation purpose.

CISA Releases Five Industrial Control Systems Advisories Read More »

CISA and International Partners Release Advisory on Russia-based Threat Actor Group, Star Blizzard

Today, the Cybersecurity and Infrastructure Security Agency (CISA)—in coordination with the United Kingdom’s National Cyber Security Centre (UK-NCSC), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NCSC-NZ), and the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cyber Command

CISA and International Partners Release Advisory on Russia-based Threat Actor Group, Star Blizzard Read More »

Johnson Controls Metasys and Facility Explorer

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Equipment: Metasys and Facility Explorer Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service by sending invalid credentials. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of

Johnson Controls Metasys and Facility Explorer Read More »

Scroll to Top