21 Nov, 2024

SolarWinds fixes critical RCE bug affecting all Web Help Desk versions

A critical vulnerability in SolarWinds’ Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today. The company has released a hotfix and says that the security issue, tracked as CVE-2024-28986, is a Java deserialization that would allow an attacker to run commands […]

1 min read

1 in 5 companies say state-sponsored attacks try to penetrate supply chain

Roughly one-fifth of enterprise IT administrators have found themselves the target of a state-sponsored attack, according to a survey from HP Wolf. The survey found that of 800 respondents in the IT industry, worldwide 19% reported being the target of an attack on networks, PCs, and internet-facing printers in an apparent effort to penetrate the […]

2 mins read

VMware, Adobe bugs exploited in active attacks as Cisco warns of critical ‘10.0’ flaw

VMware, SolarWinds and Adobe users are being warned that vulnerabilities found in each of the products are under active attack. On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Impacted products include Adobe Commerce (CVE-2024-34102), SolarWinds Serv-U (CVE-2024-28995) and VMware vCenter Server (CVE-2022-22948) CISA’s warning […]

2 mins read