TARLOGIC's BLOG
Cybersecurity - Page 4

Cybersecurity articles with security analysis and ethical hacking technics information

CVE-2023-35082: Unauthenticated API Access Vulnerability in MobileIron Core
CVE-2023-35082: Unauthenticated API Access Vulnerability in MobileIron Core
S.T.A².R.S Team

CVE-2023-35082 is a critical vulnerability that allows access to APIs in older versions of MobileIron Core Ivanti is having a tough time as another critical vulnerability has been [...]

Read more
CVE-2023-35078: Remote authentication bypass in Ivanti EPMM API
CVE-2023-35078: Remote authentication bypass in Ivanti EPMM API
S.T.A².R.S Team

CVE-2023-35078 is a critical vulnerability that allows access to restricted functionality of Ivanti mobile management software A new critical vulnerability has been discovered in I[...]

Read more
CVE-2023-3519: 0-day vulnerability exploited the wild in Citrix NetScaler
CVE-2023-3519: 0-day vulnerability exploited the wild in Citrix NetScaler
S.T.A².R.S Team

On July 18, 2023, Citrix released information and updates to address a critical vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway.  This vulnerability allows un[...]

Read more
CVE-2023-33299: Unauthenticated remote code execution vulnerability in FortiNAC
CVE-2023-33299: Unauthenticated remote code execution vulnerability in FortiNAC
S.T.A².R.S Team

On June 19, 2023, Fortiguard published the information and updates to fix a critical vulnerability (CVE-2023-33299) in its FortiNAC software, which can allow an unauthorized access[...]

Read more
The ins and outs of BlueTrust, a Bluetooth vulnerability
The ins and outs of BlueTrust, a Bluetooth vulnerability
Antonio Vázquez and Jesús María Gómez

BlueTrust is a Bluetooth vulnerability that allows information about devices and users to be obtained and trust relationships to be traced BlueTrust is a mechanism for discovering [...]

Read more
CVE-2023-27997: Fortinet Fortigate SSL VPN Pre-Auth RCE critical vulnerability
CVE-2023-27997: Fortinet Fortigate SSL VPN Pre-Auth RCE critical vulnerability
S.T.A².R.S Team

Details have been disclosed about a critical vulnerability (CVE-2023-27997) affecting Fortinet Fortigate devices with exposed SSL VPN services. This vulnerability, which does not r[...]

Read more
CVE-2023-34362: SQL Injection in Progress Software’s MOVEit Transfer
CVE-2023-34362: SQL Injection in Progress Software’s MOVEit Transfer
S.T.A².R.S Team

On May 31, 2023, Progress informed about a critical vulnerability (CVE-2023-34362) in its MOVEit Transfer software, which could potentially lead to privilege escalation and unautho[...]

Read more
CVE-2023-32353: Local privilege escalation via iTunes in Windows
CVE-2023-32353: Local privilege escalation via iTunes in Windows
S.T.A².R.S Team

Information has been disclosed about a new high criticality vulnerability that affects the Apple iTunes software in Windows environments. This vulnerability would allow an attacker[...]

Read more
Some notes and reflections on the Terminator threat
Some notes and reflections on the Terminator threat
José Antonio Lancharro

Throughout the week, a tool called «Terminator» has been discussed in the media, which would allow attackers to disable antivirus, EDR, and XDR platforms. Terminator utilizes a w[...]

Read more
CVE-2023-2825: Critical vulnerability affects Gitlab
CVE-2023-2825: Critical vulnerability affects Gitlab
S.T.A².R.S Team

Information about a new critical vulnerability affecting Gitlab software has been disclosed. This vulnerability would allow a remote attacker to exploit a path traversal problem to[...]

Read more
1 2 3 4 5 6 7 13
Advanced penetration testing services