ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Network Security News Summary for Wednesday October 23th, 2024"
Episode Synopsis
HTTP vs. HTTPS; VMware, Unifi, Roundgroup, Atlassian, OneDev Patches, Vulnerability and Exploits How much HTTP (not HTTPS) Traffic is Traversing Your Perimeter? https://isc.sans.edu/diary/How%20much%20HTTP%20%28not%20HTTPS%29%20Traffic%20is%20Traversing%20Your%20Perimeter%3F/31372 VMSA-2024-0019:VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 Unifi Security Advisory Bulletin 043 https://community.ui.com/releases/Security-Advisory-Bulletin-043-043/28e45c75-314e-4f07-a4f3-d17f67bd53f7 Fake attachment. Roundcube mail server attacks exploit CVE-2024-37383 vulnerability. https://global.ptsecurity.com/analytics/pt-esc-threat-intelligence/fake-attachment-roundcube-mail-server-attacks-exploit-cve-2024-37383-vulnerability Atlassian Security Bulletin - October 15 2024 https://confluence.atlassian.com/security/security-bulletin-october-15-2024-1442910972.html OneDev Arbitrary file reading for unauthenticated user https://github.com/theonedev/onedev/security/advisories/GHSA-7wg5-6864-v489 keywords: onedev; atlassian; roundcube; unifi; vmware; vcenter; http; https; tls
More episodes of the podcast SANS Internet Storm Center's Daily Network Security News Podcast
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847 (#)
27/12/2025
SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues (#)
21/12/2025
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches (#)
14/12/2025
In God we trust