May 06, 2024NewsroomVulnerability / Server Security More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free … [Read more...] about Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution
Opens
Duo Opens New Data Center in India
Back in September last year, Ash Devata, VP and GM for Zero Trust and Duo at Cisco wrote about the expansion of our international footprint with the opening of data centers in Australia, Singapore, and Japan. Today, I am thrilled to add India to that list, exemplifying Duo’s commitment in a key market, which couldn’t have been better timed. Local data centers help customers … [Read more...] about Duo Opens New Data Center in India
Simjacker opens SIM cards to spying
Recently, experts at AdaptiveMobile Security discovered a method of attack on mobile phones that can be carried out using a normal computer and a dirt-cheap USB modem. Whereas some older methods of cellular surveillance required special equipment and a telecom operating license, this attack, called Simjacker, takes advantage of a vulnerability found in SIM cards. It’s all … [Read more...] about Simjacker opens SIM cards to spying
Exim TLS Flaw Opens Email Servers to Remote ‘Root’ Code Execution Attacks
A critical remote code execution vulnerability has been discovered in the popular open-source Exim email server software, leaving at least over half a million email servers vulnerable to remote hackers.Exim maintainers today released Exim version 4.92.2 after publishing an early warning two days ago, giving system administrators a heads-up on its upcoming security patches that … [Read more...] about Exim TLS Flaw Opens Email Servers to Remote ‘Root’ Code Execution Attacks