Vulnerabilities

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates

Endpoint Security, Management & Strategy, Vulnerabilities /

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates 18/09/2023 at 18:09 By Ionut Arghire Google Chromebooks released from 2021 and onwards will receive automatic updates, including security patches, for 10 years. The post Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates Read More »

Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products

Fortinet, Vulnerabilities /

Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products 18/09/2023 at 16:33 By Ionut Arghire Fortinet has released patches for a high-severity cross-site scripting vulnerability impacting its enterprise firewalls and switches. The post Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products Read More »

Kubernetes Vulnerability Leads to Remote Code Execution

cloud security, Kubernetes, Vulnerabilities /

Kubernetes Vulnerability Leads to Remote Code Execution 14/09/2023 at 16:50 By Ionut Arghire A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster. The post Kubernetes Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Kubernetes Vulnerability Leads to Remote Code Execution Read More »

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery

Azure, cloud security, Vulnerabilities, XSS /

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery 14/09/2023 at 16:18 By Ionut Arghire Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery. The post Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery Read More »

SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA

SAP, Vulnerabilities /

SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA 13/09/2023 at 15:20 By Ionut Arghire SAP has released patches for a critical vulnerability impacting multiple enterprise applications, including NetWeaver and S/4HANA. The post SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA Read More »

CISA Offering Free Vulnerability Scanning Service to Water Utilities

ICS/OT, Vulnerabilities, vulnerability, Water /

CISA Offering Free Vulnerability Scanning Service to Water Utilities 13/09/2023 at 15:20 By Eduard Kovacs CISA is offering a free vulnerability scanning service to water utilities to help them protect drinking water and wastewater systems against cyberattacks. The post CISA Offering Free Vulnerability Scanning Service to Water Utilities appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

CISA Offering Free Vulnerability Scanning Service to Water Utilities Read More »

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits

Malware & Threats, Microsoft, Microsoft Office, Nation-State, Patch Tuesday, Vulnerabilities, Zero-Day /

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits 12/09/2023 at 22:16 By Ryan Naraine Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild. The post Zero Day Summer: Microsoft Warns of Fresh New Software Exploits appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits Read More »

Adobe Says Critical PDF Reader Zero-Day Being Exploited 

Adobe, CVE-2023-26369, Data Breaches, Nation-State, reader, Vulnerabilities /

Adobe Says Critical PDF Reader Zero-Day Being Exploited  12/09/2023 at 19:47 By Ryan Naraine Adobe raises an alarm for new in-the-wild zero-day attacks hitting users of its widely deployed Adobe Acrobat and Reader product. The post Adobe Says Critical PDF Reader Zero-Day Being Exploited  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Adobe Says Critical PDF Reader Zero-Day Being Exploited  Read More »

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters

Chrome, exploited, Featured, spyware, Vulnerabilities, Zero-Day /

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters 12/09/2023 at 12:01 By Ionut Arghire Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023. The post Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters Read More »

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices

ICS/OT, UPS, Vulnerabilities /

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices 11/09/2023 at 13:16 By Eduard Kovacs A researcher has found 7 vulnerabilities in Socomec UPS products that can be exploited to hijack and disrupt devices.  The post Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices Read More »

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Cisco, Featured, Malware & Threats, Vulnerabilities, Zero-Day /

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks 08/09/2023 at 17:31 By Ionut Arghire Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks. The post Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks Read More »

In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach 

Cyberwarfare, Data Breaches, In Other News, Vulnerabilities /

In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach  08/09/2023 at 17:31 By SecurityWeek News Noteworthy stories that might have slipped under the radar: LastPass vault hacking, Russia targets energy facility in Ukraine, NXP data breach. The post In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach 

React to this headline:

Loading spinner

In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach  Read More »

Apple Patches Actively Exploited iOS, macOS Zero-Days

apple, Citizen Lab, CVE-2023-41061, CVE-2023-41064, Malware & Threats, Mobile & Wireless, Nation-State, Vulnerabilities /

Apple Patches Actively Exploited iOS, macOS Zero-Days 07/09/2023 at 23:31 By Ryan Naraine Apple pushes out an urgent point-update to its flagship iOS and macOS platforms to fix a pair of security defects being exploited in the wild. The post Apple Patches Actively Exploited iOS, macOS Zero-Days appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Apple Patches Actively Exploited iOS, macOS Zero-Days Read More »

Rigged Software and Zero-Days: North Korean APT Caught Hacking Security Researchers

Google TAG, Lazarus, Malware & Threats, Nation-State, North Korea, Vulnerabilities /

Rigged Software and Zero-Days: North Korean APT Caught Hacking Security Researchers 07/09/2023 at 23:31 By Ryan Naraine Google again catches a North Korean APT actor targeting security researchers with zero-days and rigged software tools. The post Rigged Software and Zero-Days: North Korean APT Caught Hacking Security Researchers appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Rigged Software and Zero-Days: North Korean APT Caught Hacking Security Researchers Read More »

Cisco Patches Critical Vulnerability in BroadWorks Platform

Cisco, Vulnerabilities /

Cisco Patches Critical Vulnerability in BroadWorks Platform 07/09/2023 at 16:02 By Ionut Arghire Cisco has released patches for CVE-2023-20238, a critical authentication bypass vulnerability in the BroadWorks Application Delivery Platform. The post Cisco Patches Critical Vulnerability in BroadWorks Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Cisco Patches Critical Vulnerability in BroadWorks Platform Read More »

Password-Stealing Chrome Extension Demonstrates New Vulnerabilities

Chrome, Stealer, Vulnerabilities /

Password-Stealing Chrome Extension Demonstrates New Vulnerabilities 06/09/2023 at 18:16 By Ionut Arghire Academic researchers design a Chrome extension to steal passwords from input fields and publish it to the Chrome webstore. The post Password-Stealing Chrome Extension Demonstrates New Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Password-Stealing Chrome Extension Demonstrates New Vulnerabilities Read More »

Dozens of Unpatched Flaws Expose Security Cameras Made by Defunct Company Zavio

camera, Vulnerabilities /

Dozens of Unpatched Flaws Expose Security Cameras Made by Defunct Company Zavio 06/09/2023 at 18:16 By Eduard Kovacs Dozens of vulnerabilities have been found in widely used security cameras made by defunct Chinese company Zavio.  The post Dozens of Unpatched Flaws Expose Security Cameras Made by Defunct Company Zavio appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Dozens of Unpatched Flaws Expose Security Cameras Made by Defunct Company Zavio Read More »

AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure

VPN, Vulnerabilities, vulnerability /

AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure 06/09/2023 at 14:17 By Eduard Kovacs AtlasVPN developers are working on a patch for an IP leak vulnerability after a researcher publicly disclosed the flaw due to being ignored. The post AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure Read More »

Chrome 116 Update Patches High-Severity Vulnerabilities

Chrome, Vulnerabilities /

Chrome 116 Update Patches High-Severity Vulnerabilities 06/09/2023 at 14:17 By Ionut Arghire Google has released another weekly Chrome update, to address four high-severity vulnerabilities reported by external researchers. The post Chrome 116 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Chrome 116 Update Patches High-Severity Vulnerabilities Read More »

Exploit Code Published for Critical-Severity VMware Security Defect

Aria Operations for Networks, CISA, CVE-2023-34039, ICS/OT, Network Security, VMWare, Vulnerabilities /

Exploit Code Published for Critical-Severity VMware Security Defect 02/09/2023 at 02:22 By Ryan Naraine Exploit code and root-cause analysis released by SinSinology documents the problem as a case where VMWare “forgot to regenerate” SSH keys. The post Exploit Code Published for Critical-Severity VMware Security Defect appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Exploit Code Published for Critical-Severity VMware Security Defect Read More »

Scroll to Top