Vulnerabilities

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks 2025-02-11 at 20:09 By Eduard Kovacs OpenSSL has patched CVE-2024-12797, a high-severity vulnerability found by Apple that can allow man-in-the-middle attacks. The post High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

High-Severity OpenSSL Vulnerability Found by Apple Allows MitM Attacks Read More »

SAP Releases 21 Security Patches

SAP Releases 21 Security Patches 2025-02-11 at 19:22 By Ionut Arghire SAP has released 19 new and two updated security notes on its February 2025 patch day, including six notes for high-severity vulnerabilities. The post SAP Releases 21 Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SAP Releases 21 Security Patches Read More »

Cyber and Physical Security Considerations for Returning to the Office

Cyber and Physical Security Considerations for Returning to the Office 2025-02-11 at 16:01 By Kory Daniels When remote work became mandatory in the wake of the 2020 COVID pandemic, organizations had to quickly dispatch staffers to their homes with all the equipment, and services, they would need to do their jobs. This article is an

React to this headline:

Loading spinner

Cyber and Physical Security Considerations for Returning to the Office Read More »

Intel Patched 374 Vulnerabilities in 2024

Intel Patched 374 Vulnerabilities in 2024 2025-02-11 at 14:50 By Ionut Arghire Intel says roughly 100 of the 374 vulnerabilities it patched last year were firmware and hardware security defects. The post Intel Patched 374 Vulnerabilities in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Intel Patched 374 Vulnerabilities in 2024 Read More »

Microsoft Expands Copilot Bug Bounty Program, Increases Payouts

Microsoft Expands Copilot Bug Bounty Program, Increases Payouts 2025-02-10 at 14:37 By Ionut Arghire Microsoft has added more Copilot consumer products to its bug bounty program and is offering higher rewards for medium-severity vulnerabilities. The post Microsoft Expands Copilot Bug Bounty Program, Increases Payouts appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Expands Copilot Bug Bounty Program, Increases Payouts Read More »

Cisco Patches Critical Vulnerabilities in Enterprise Management Product

Cisco Patches Critical Vulnerabilities in Enterprise Management Product 2025-02-06 at 13:26 By Ionut Arghire Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and  system configuration modifications. The post Cisco Patches Critical Vulnerabilities in Enterprise Management Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Cisco Patches Critical Vulnerabilities in Enterprise Management Product Read More »

Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity

Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity 2025-02-05 at 23:06 By While Chief Information Security Officers (CISOs) know how crucial a consistent enterprise penetration testing program is to their cybersecurity program, convincing their fellow leaders and board members to invest in pen testing amid other budget demands can be challenging. This

React to this headline:

Loading spinner

Penetration Testing ROI: How to Convince Leadership to Invest in Cybersecurity Read More »

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities 2025-02-05 at 13:49 By Ionut Arghire Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities. The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities Read More »

CISA Issues Exploitation Warning for .NET Vulnerability

CISA Issues Exploitation Warning for .NET Vulnerability 2025-02-05 at 13:06 By Eduard Kovacs CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Issues Exploitation Warning for .NET Vulnerability Read More »

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days 2025-02-05 at 12:01 By Ionut Arghire Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days Read More »

Exploitation of Over 700 Vulnerabilities Came to Light in 2024

Exploitation of Over 700 Vulnerabilities Came to Light in 2024 2025-02-04 at 19:34 By Ionut Arghire The number of vulnerabilities first reported as exploited surged last year amid a decrease in zero-day reports. The post Exploitation of Over 700 Vulnerabilities Came to Light in 2024 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Exploitation of Over 700 Vulnerabilities Came to Light in 2024 Read More »

Beyond the Chatbot: Meta Phishing with Fake Live Support

Beyond the Chatbot: Meta Phishing with Fake Live Support 2025-02-04 at 16:03 By Mike Casayuran and John Kevin Adriano In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals exploit Facebook Messenger chatbots to execute social engineering attacks, deceiving users into falling victim to scams and phishing schemes. These attacks often rely on the perceived legitimacy

React to this headline:

Loading spinner

Beyond the Chatbot: Meta Phishing with Fake Live Support Read More »

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products 2025-01-30 at 21:23 By Ryan Naraine VMWare calls attention to patches for multiple ‘high-risk’ security defects in its Aria Operations and Aria Operations for Logs products. The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products Read More »

TeamViewer Patches High-Severity Vulnerability in Windows Applications

TeamViewer Patches High-Severity Vulnerability in Windows Applications 2025-01-30 at 15:20 By Ionut Arghire TeamViewer has released patches for a high-severity elevation of privilege vulnerability in its client and host applications for Windows. The post TeamViewer Patches High-Severity Vulnerability in Windows Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

TeamViewer Patches High-Severity Vulnerability in Windows Applications Read More »

New Zyxel Zero-Day Under Attack, No Patch Available

New Zyxel Zero-Day Under Attack, No Patch Available 2025-01-29 at 18:21 By Ryan Naraine GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available. The post New Zyxel Zero-Day Under Attack, No Patch Available appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

New Zyxel Zero-Day Under Attack, No Patch Available Read More »

SimpleHelp Remote Access Software Exploited in Attacks

SimpleHelp Remote Access Software Exploited in Attacks 2025-01-29 at 12:48 By Ionut Arghire Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities. The post SimpleHelp Remote Access Software Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

SimpleHelp Remote Access Software Exploited in Attacks Read More »

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer 2025-01-28 at 23:03 By Ryan Naraine VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access. The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared

React to this headline:

Loading spinner

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer Read More »

SonicWall Confirms Exploitation of New SMA Zero-Day

SonicWall Confirms Exploitation of New SMA Zero-Day 2025-01-28 at 13:33 By Eduard Kovacs SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

SonicWall Confirms Exploitation of New SMA Zero-Day Read More »

Apple Patches First Exploited iOS Zero-Day of 2025

Apple Patches First Exploited iOS Zero-Day of 2025 2025-01-28 at 13:03 By Ionut Arghire Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches First Exploited iOS Zero-Day of 2025 Read More »

Cracking the Giant: How ODAT Challenges Oracle, the King of Databases

Cracking the Giant: How ODAT Challenges Oracle, the King of Databases 2025-01-27 at 16:04 By Karl Biron In the past decade, Oracle Database (Oracle DB) has reigned supreme in the competitive arena of database engine popularity ranking as shown in Figure 1 and Figure 2. This pervasiveness has led Oracle Database to be trusted by

React to this headline:

Loading spinner

Cracking the Giant: How ODAT Challenges Oracle, the King of Databases Read More »

Scroll to Top