Vulnerabilities

Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks

CMS, Vulnerabilities /

Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks 2024-02-16 at 15:16 By Ionut Arghire Three vulnerabilities in CU Solutions Group CMS exposed 275 credit unions to credential theft, account takeover. The post Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Loading spinner

Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks Read More »

Eight Vulnerabilities Disclosed in the AI Development Supply Chain

Artificial Intelligence, Vulnerabilities /

Eight Vulnerabilities Disclosed in the AI Development Supply Chain 2024-02-16 at 15:16 By Kevin Townsend Details of eight vulnerabilities found in the open source supply chain used to develop in-house AI and ML models have been disclosed. All have CVE numbers, one has critical severity, and seven have high severity. The post Eight Vulnerabilities Disclosed

React to this headline:

Loading spinner

Eight Vulnerabilities Disclosed in the AI Development Supply Chain Read More »

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks

CISA KEV, Cisco, exploited, Vulnerabilities /

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks 2024-02-16 at 14:02 By Eduard Kovacs CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog.  The post CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks Read More »

ESET Patches High-Severity Privilege Escalation Vulnerability

ESET, Vulnerabilities, vulnerability /

ESET Patches High-Severity Privilege Escalation Vulnerability 2024-02-15 at 17:02 By Ionut Arghire ESET has released patches for a high-severity elevation of privilege vulnerability in its Windows security products. The post ESET Patches High-Severity Privilege Escalation Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

ESET Patches High-Severity Privilege Escalation Vulnerability Read More »

Microsoft Warns of Exploited Exchange Server Zero-Day

Exchange, exploited, Microsoft Outlook, Vulnerabilities, Zero-Day /

Microsoft Warns of Exploited Exchange Server Zero-Day 2024-02-15 at 13:46 By Ionut Arghire Microsoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks. The post Microsoft Warns of Exploited Exchange Server Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Microsoft Warns of Exploited Exchange Server Zero-Day Read More »

Zoom Patches Critical Vulnerability in Windows Applications

Vulnerabilities, vulnerability, Zoom /

Zoom Patches Critical Vulnerability in Windows Applications 2024-02-14 at 16:17 By Ionut Arghire Zoom patches seven vulnerabilities in its products, including a critical-severity bug in its Windows applications. The post Zoom Patches Critical Vulnerability in Windows Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Zoom Patches Critical Vulnerability in Windows Applications Read More »

Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities

Amd, Endpoint Security, Intel, Patch Tuesday, Vulnerabilities /

Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities 2024-02-14 at 16:17 By Ionut Arghire AMD and Intel patch dozens of vulnerabilities on February 2024 Patch Tuesday, including multiple high-severity bugs. The post Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Chipmaker Patch Tuesday: AMD and Intel Patch Over 100 Vulnerabilities Read More »

KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers

DNS, KeyTrap, Vulnerabilities /

KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers 2024-02-14 at 15:01 By Eduard Kovacs Patches released for a new DNSSEC vulnerability named KeyTrap, described as the worst DNS attack ever discovered.   The post KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers Read More »

SAP Patches Critical Vulnerability Exposing User, Business Data

SAP, Vulnerabilities /

SAP Patches Critical Vulnerability Exposing User, Business Data 2024-02-14 at 12:32 By Ionut Arghire SAP patches a critical code-injection vulnerability in the SAP ABA (Application Basis) cross-application component. The post SAP Patches Critical Vulnerability Exposing User, Business Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

SAP Patches Critical Vulnerability Exposing User, Business Data Read More »

Microsoft Confirms Windows Exploits Bypassing Security Features

CVE-2024-21412, CVE-2024-21413, CVE-2024-21451, Malware & Threats, Patch Tuesday, Vulnerabilities /

Microsoft Confirms Windows Exploits Bypassing Security Features 2024-02-13 at 22:01 By Ryan Naraine Patch Tuesday: Microsoft pushes a massive batch of security-themed updates and calls urgent attention to exploits bypassing security features. The post Microsoft Confirms Windows Exploits Bypassing Security Features appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Microsoft Confirms Windows Exploits Bypassing Security Features Read More »

Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software

Risk Management, Vulnerabilities /

Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software 2024-02-13 at 20:01 By Ryan Naraine Adobe ships patches for at least 30 documented security flaws, warning that users are exposed to code execution, security feature bypass and denial-of-service attacks. The post Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software appeared

React to this headline:

Loading spinner

Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software Read More »

CISA Warns of Roundcube Webmail Vulnerability Exploitation

CISA, CISA KEV, email security, exploited, Roundcube, Vulnerabilities /

CISA Warns of Roundcube Webmail Vulnerability Exploitation 2024-02-13 at 13:31 By Eduard Kovacs CISA has added the Roundcube flaw tracked as CVE-2023-43770 to its known exploited vulnerabilities catalog. The post CISA Warns of Roundcube Webmail Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Roundcube Webmail Vulnerability Exploitation Read More »

ExpressVPN User Data Exposed Due to Bug

Data leak, VPN, Vulnerabilities /

ExpressVPN User Data Exposed Due to Bug 2024-02-12 at 16:16 By Ionut Arghire ExpressVPN disables split tunneling on Windows after learning that DNS requests were not properly directed. The post ExpressVPN User Data Exposed Due to Bug appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

ExpressVPN User Data Exposed Due to Bug Read More »

Exploitation of Another Ivanti VPN Vulnerability Observed

exploited, Featured, Ivanti, PoC, Vulnerabilities /

Exploitation of Another Ivanti VPN Vulnerability Observed 2024-02-12 at 13:01 By Ionut Arghire Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins. The post Exploitation of Another Ivanti VPN Vulnerability Observed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Exploitation of Another Ivanti VPN Vulnerability Observed Read More »

Ivanti Patches High-Severity Vulnerability in VPN Appliances

Ivanti, Vulnerabilities /

Ivanti Patches High-Severity Vulnerability in VPN Appliances 2024-02-09 at 15:17 By Ionut Arghire An XXE flaw in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways could lead to unauthenticated access to resources. The post Ivanti Patches High-Severity Vulnerability in VPN Appliances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Ivanti Patches High-Severity Vulnerability in VPN Appliances Read More »

Fortinet Warns of New FortiOS Zero-Day

exploited, Featured, Fortinet, Vulnerabilities, Zero-Day /

Fortinet Warns of New FortiOS Zero-Day 2024-02-09 at 13:46 By Eduard Kovacs Fortinet patches CVE-2024-21762, a critical remote code execution vulnerability that may have been exploited in the wild. The post Fortinet Warns of New FortiOS Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Fortinet Warns of New FortiOS Zero-Day Read More »

Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices

Cisco, Vulnerabilities /

Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices 2024-02-08 at 16:01 By Ionut Arghire Two critical vulnerabilities in Cisco Expressway series devices can be exploited in CSRF attacks without authentication. The post Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices Read More »

How to Predict Your Patching Priorities

Vulnerabilities /

How to Predict Your Patching Priorities 2024-02-08 at 13:46 By Derek Manky Implementing a smart and timely approach to patching remains one of the primary ways for organizations to protect their networks from attackers. The post How to Predict Your Patching Priorities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

How to Predict Your Patching Priorities Read More »

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability 

Linux, Vulnerabilities, vulnerability /

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability  2024-02-07 at 16:31 By Ionut Arghire A critical remote code execution vulnerability in Shim could allow attackers to take over vulnerable Linux systems. The post Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability  Read More »

JetBrains Patches Critical Authentication Bypass in TeamCity

TeamCity, Vulnerabilities /

JetBrains Patches Critical Authentication Bypass in TeamCity 2024-02-07 at 16:31 By Ionut Arghire JetBrains releases patches for a critical-severity TeamCity authentication bypass leading to remote code execution. The post JetBrains Patches Critical Authentication Bypass in TeamCity appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

JetBrains Patches Critical Authentication Bypass in TeamCity Read More »

Scroll to Top