$200,000 Awarded at Pwn2Own 2024 for Tesla Hack 2024-03-21 at 11:46 By Eduard Kovacs Participants earned a total of $732,500 on the first day of Pwn2Own Vancouver 2024 for hacking a Tesla, operating systems, and other software. The post $200,000 Awarded at Pwn2Own 2024 for Tesla Hack appeared first on SecurityWeek. This article is an […]
React to this headline:
$200,000 Awarded at Pwn2Own 2024 for Tesla Hack Read More »
Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server 2024-03-20 at 16:46 By Ionut Arghire Atlassian releases patches for two dozen vulnerabilities, including a critical-severity bug in Bamboo Data Center and Server. The post Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server appeared first on SecurityWeek. This article is an excerpt from
React to this headline:
Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server Read More »
Chrome 123, Firefox 124 Patch Serious Vulnerabilities 2024-03-20 at 15:01 By Ionut Arghire Chrome and Firefox security updates released on Tuesday resolve a critical-severity and multiple high-severity vulnerabilities. The post Chrome 123, Firefox 124 Patch Serious Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to
React to this headline:
Chrome 123, Firefox 124 Patch Serious Vulnerabilities Read More »
300,000 Systems Vulnerable to New Loop DoS Attack 2024-03-20 at 12:01 By Eduard Kovacs Academic researchers describe a new application-layer loop DoS attack affecting Broadcom, Honeywell, Microsoft and MikroTik. The post 300,000 Systems Vulnerable to New Loop DoS Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
React to this headline:
300,000 Systems Vulnerable to New Loop DoS Attack Read More »
Aiohttp Vulnerability in Attacker Crosshairs 2024-03-19 at 12:23 By Eduard Kovacs A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group. The post Aiohttp Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to
React to this headline:
Aiohttp Vulnerability in Attacker Crosshairs Read More »
Pentagon Received Over 50,000 Vulnerability Reports Since 2016 2024-03-18 at 15:17 By Ionut Arghire Since 2016, the US DoD has received over 50,000 submissions through its vulnerability disclosure program. The post Pentagon Received Over 50,000 Vulnerability Reports Since 2016 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
React to this headline:
Pentagon Received Over 50,000 Vulnerability Reports Since 2016 Read More »
New Attack Shows Risks of Browsers Giving Websites Access to GPU 2024-03-18 at 15:17 By Eduard Kovacs Researchers demonstrate remote GPU cache side-channel attack from within browsers against AMD and NVIDIA graphics cards. The post New Attack Shows Risks of Browsers Giving Websites Access to GPU appeared first on SecurityWeek. This article is an excerpt
React to this headline:
New Attack Shows Risks of Browsers Giving Websites Access to GPU Read More »
PoC Published for Critical Fortra Code Execution Vulnerability 2024-03-18 at 13:46 By Ionut Arghire A critical directory traversal vulnerability in Fortra FileCatalyst Workflow could lead to remote code execution. The post PoC Published for Critical Fortra Code Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
React to this headline:
PoC Published for Critical Fortra Code Execution Vulnerability Read More »
Discontinued Security Plugins Expose Many WordPress Sites to Takeover 2024-03-15 at 14:17 By Ionut Arghire Thousands of WordPress sites are at risk of takeover due to a critical privilege escalation vulnerability in two closed MiniOrange plugins. The post Discontinued Security Plugins Expose Many WordPress Sites to Takeover appeared first on SecurityWeek. This article is an
React to this headline:
Discontinued Security Plugins Expose Many WordPress Sites to Takeover Read More »
Cisco Patches High-Severity IOS RX Vulnerabilities 2024-03-14 at 15:43 By Ionut Arghire Cisco releases patches for high-severity denial-of-service and elevation of privilege vulnerabilities in IOS RX software. The post Cisco Patches High-Severity IOS RX Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:
React to this headline:
Cisco Patches High-Severity IOS RX Vulnerabilities Read More »
Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints 2024-03-14 at 14:01 By Ionut Arghire A high-severity Kubernetes vulnerability tracked as CVE-2023-5528 can be exploited to execute arbitrary code on Windows endpoints. The post Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
React to this headline:
Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints Read More »
Fortinet Patches Critical Vulnerabilities Leading to Code Execution 2024-03-13 at 12:33 By Ionut Arghire Fortinet has released patches for critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. The post Fortinet Patches Critical Vulnerabilities Leading to Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React
React to this headline:
Fortinet Patches Critical Vulnerabilities Leading to Code Execution Read More »
Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server 2024-03-12 at 21:51 By Ryan Naraine Microsoft ships patches for at least 60 security vulnerabilities in the Windows ecosystem and warned of remote code execution risks. The post Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server appeared first on SecurityWeek. This article is
React to this headline:
Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server Read More »
SAP Patches Critical Command Injection Vulnerabilities 2024-03-12 at 20:21 By Ionut Arghire Enterprise software maker SAP documents multiple critical-severity issues and warns of risk of command injection attacks. The post SAP Patches Critical Command Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this
React to this headline:
SAP Patches Critical Command Injection Vulnerabilities Read More »
Google Paid Out $10 Million via Bug Bounty Programs in 2023 2024-03-12 at 20:21 By Eduard Kovacs Google paid out $10 million via its bug bounty programs in 2023, bringing the total to nearly $60 million since 2010. The post Google Paid Out $10 Million via Bug Bounty Programs in 2023 appeared first on SecurityWeek.
React to this headline:
Google Paid Out $10 Million via Bug Bounty Programs in 2023 Read More »
Adobe Patches Critical Flaws in Enterprise Products 2024-03-12 at 20:21 By Ryan Naraine Patch Tuesday: Adobe ships a hefty batch of security updates to fix critical-severity vulnerabilities in multiple enterprise-facing products. The post Adobe Patches Critical Flaws in Enterprise Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original
React to this headline:
Adobe Patches Critical Flaws in Enterprise Products Read More »
Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks 2024-03-11 at 17:18 By Ionut Arghire A high-severity XSS vulnerability in the Ultimate Member plugin allows attackers to inject scripts into WordPress sites. The post Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks appeared first on SecurityWeek. This article is an excerpt from
React to this headline:
Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks Read More »
Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks 2024-03-11 at 16:01 By Eduard Kovacs 150,000 systems possibly impacted by the recent Fortinet vulnerability CVE-2024-21762, but there is still no evidence of widespread exploitation. The post Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks appeared first
React to this headline:
Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks Read More »
Critical Vulnerability Allows Access to QNAP NAS Devices 2024-03-11 at 16:01 By Ionut Arghire Critical-severity vulnerability could allow network attackers to access QNAP NAS devices without authentication. The post Critical Vulnerability Allows Access to QNAP NAS Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to
React to this headline:
Critical Vulnerability Allows Access to QNAP NAS Devices Read More »
In Other News: Google AI Hacking, Font Vulnerabilities, IBM Training Facility 2024-03-08 at 16:59 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Google AI bug bounties, font vulnerabilities, IBM opens new training facility. The post In Other News: Google AI Hacking, Font Vulnerabilities, IBM Training Facility appeared first on SecurityWeek. This
React to this headline:
In Other News: Google AI Hacking, Font Vulnerabilities, IBM Training Facility Read More »