NCERT | National Computer Emergency Response Team Philippines

Critical Vulnerability in Palo Alto Global Protect (CVE-2024-3400)

Palo Alto Networks has released a security advisory related to critical vulnerability with a CVSS score of 10, currently exploited in the wild in a limited number of attacks. Tracked as CVE-2024-3400, this vulnerability, which is within the GlobalProtect feature of Palo Alto Networks PAN-OS, could allow malicious actors to execute arbitrary code with root continue reading : Critical Vulnerability in Palo Alto Global Protect (CVE-2024-3400)

Microsoft Releases April 2024 Patch Tuesday Security Updates

Microsoft has released its April 2024 Patch Tuesday security updates to fix 149 vulnerabilities across its products, including one vulnerability that Microsoft detected being exploited in the wild. Additionally, it’s worth noting the critical vulnerabilities tracked as CVE-2024-21322, CVE-2024-21323, and CVE-2024-29053, which are also included in the patch notes for the month of April. _____________________________ continue reading : Microsoft Releases April 2024 Patch Tuesday Security Updates

Microsoft Releases February 2024 Patch Tuesday Security Updates

Microsoft has released its February 2024 Patch Tuesday security updates to fix 73 vulnerabilities across its products, including 2 zero-day vulnerabilities (CVE-2024-21351 and CVE-2024-21412) that are being exploited in-the-wild. Tracked as CVE-2024-21351, the first of the two zero-days could allow a malicious actor to inject code into SmartScreen and potentially gain code execution. For the continue reading : Microsoft Releases February 2024 Patch Tuesday Security Updates

Critical Vulnerability in FortiOS SSL VPN (CVE-2024-23113)

Fortinet has released a patch to fix a security vulnerability in its FortiOS SSL VPN product that is potentially being exploited in the wild. Tracked as CVE-2024-23113, this vulnerability is classified as ‘Critical’ with a CVSS Score of 9.6, which may allow a malicious actor to execute unauthorized code. Based on the official advisory, FortiOS continue reading : Critical Vulnerability in FortiOS SSL VPN (CVE-2024-23113)

Critical Vulnerabilities in FortiSIEM (CVE-2024-23108 and CVE-2024-23109)

Fortinet has released a patch to fix two critical vulnerabilities (CVE-2024-23108 and CVE-2024-23109) in its FortiSIEM product that can be used to execute unauthorized code. Based on the official report, these vulnerabilities are classified as Critical with a maximum CVSS Score of 10. While these two vulnerabilities have been disclosed recently, it’s worth noting that continue reading : Critical Vulnerabilities in FortiSIEM (CVE-2024-23108 and CVE-2024-23109)