Vulnerabilities - Security Ticks

Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence

Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence 31/08/2023 at 15:46 By Ionut Arghire Splunk has released patches for multiple high-severity vulnerabilities impacting Splunk Enterprise and IT Service Intelligence. The post Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View […]

React to this headline:

Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence Read More »

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication

exploited, Juniper, Vulnerabilities / SecurityTicks

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication 30/08/2023 at 16:47 By Ionut Arghire Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published. The post Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication appeared first on SecurityWeek.

React to this headline:

Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication Read More »

High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome

Chrome, Firefox, Vulnerabilities / SecurityTicks

High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome 30/08/2023 at 14:17 By Ionut Arghire Mozilla and Google have released stable updates for the Firefox and Chrome browsers to address several memory corruption vulnerabilities. The post High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome Read More »

VMware Patches Major Security Flaws in Network Monitoring Product

CISA KEV, Malware & Threats, Network Security, VMWare, VMware aria Operations for Logs, Vulnerabilities / SecurityTicks

VMware Patches Major Security Flaws in Network Monitoring Product 29/08/2023 at 23:02 By Ryan Naraine VWware patches critical flaws that allow hackers to bypass SSH authentication and gain access to the Aria Operations for Networks command line interface. The post VMware Patches Major Security Flaws in Network Monitoring Product appeared first on SecurityWeek. This article

React to this headline:

VMware Patches Major Security Flaws in Network Monitoring Product Read More »

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks

Cisco, Vulnerabilities / SecurityTicks

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks 24/08/2023 at 18:31 By Ionut Arghire Cisco has released patches for three high-severity vulnerabilities in NX-OS and FXOS software that could lead to denial-of-service (DoS) conditions. The post Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks Read More »

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

exploited, Malware & Threats, Openfire, Vulnerabilities / SecurityTicks

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability 23/08/2023 at 17:19 By Ionut Arghire More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit. The post 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability appeared first on SecurityWeek. This article is an

React to this headline:

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability Read More »

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities

Chrome, Vulnerabilities / SecurityTicks

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities 23/08/2023 at 15:17 By Ionut Arghire Google has released the first weekly Chrome security update, which patches five memory safety vulnerabilities, including four rated ‘high severity’. The post First Weekly Chrome Security Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities Read More »

Exploitation of Ivanti Sentry Zero-Day Confirmed

exploited, Featured, Ivanti, Vulnerabilities, Zero-Day / SecurityTicks

Exploitation of Ivanti Sentry Zero-Day Confirmed 23/08/2023 at 12:17 By Eduard Kovacs While initially it was unclear if the Ivanti Sentry vulnerability CVE-2023-38035 has been exploited, the vendor and CISA have now confirmed it. The post Exploitation of Ivanti Sentry Zero-Day Confirmed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Exploitation of Ivanti Sentry Zero-Day Confirmed Read More »

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

ColdFusion, exploited, Featured, Malware & Threats, Vulnerabilities / SecurityTicks

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability 22/08/2023 at 13:47 By Eduard Kovacs CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild. The post CISA Warns of Another Exploited Adobe ColdFusion Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability Read More »

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability

Malware & Threats, Network Security, Vulnerabilities / SecurityTicks

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability 21/08/2023 at 22:31 By Ryan Naraine A critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations. The post Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability Read More »

Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution

Juniper, Vulnerabilities / SecurityTicks

Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution 21/08/2023 at 14:01 By Ionut Arghire Juniper Networks has released Junos OS updates to address J-Web vulnerabilities that can be combined to achieve unauthenticated, remote code execution. The post Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution

React to this headline:

Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution Read More »

In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets

Cyberwarfare, In Other News, Vulnerabilities / SecurityTicks

In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets 18/08/2023 at 18:17 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 14, 2023. The post In Other News: US Hacking China, Unfixed PowerShell Gallery

React to this headline:

In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets Read More »

Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins

Jenkins, Vulnerabilities / SecurityTicks

Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins 18/08/2023 at 16:46 By Ionut Arghire Jenkins has announced patches for high and medium-severity vulnerabilities impacting several of the open source automation tool’s plugins. The post Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins Read More »

Companies Respond to ‘Downfall’ Intel CPU Vulnerability

Endpoint Security, Vulnerabilities / SecurityTicks

Companies Respond to ‘Downfall’ Intel CPU Vulnerability 18/08/2023 at 15:49 By Eduard Kovacs Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs. The post Companies Respond to ‘Downfall’ Intel CPU Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Companies Respond to ‘Downfall’ Intel CPU Vulnerability Read More »

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results

Application Security, Supply Chain Security, Vulnerabilities / SecurityTicks

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results 17/08/2023 at 20:46 By Ryan Naraine Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage. The post Google Brings AI Magic to Fuzz Testing With Eye-Opening Results appeared first on SecurityWeek. This article is an

React to this headline:

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results Read More »

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications

Cisco, Vulnerabilities / SecurityTicks

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications 17/08/2023 at 19:02 By Ionut Arghire Cisco has patched high-severity vulnerabilities in enterprise applications that could lead to privilege escalation, SQL injection, and denial-of-service. The post Cisco Patches High-Severity Vulnerabilities in Enterprise Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications Read More »

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning

Citrix, exploited, Featured, Vulnerabilities / SecurityTicks

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning 17/08/2023 at 12:18 By Eduard Kovacs Exploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog. The post Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning appeared first on SecurityWeek. This article is

React to this headline:

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning Read More »

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution

Ivanti, Vulnerabilities / SecurityTicks

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution 16/08/2023 at 16:45 By Ionut Arghire Ivanti has patched critical- and high-severity vulnerabilities with the latest release of Avalanche, its enterprise mobile device management solution. The post Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution Read More »

GitHub Paid Out $1.5 Million in Bug Bounties in 2022

Management & Strategy, Vulnerabilities / SecurityTicks

GitHub Paid Out $1.5 Million in Bug Bounties in 2022 16/08/2023 at 15:00 By Ionut Arghire GitHub says it paid out more than $1.5 million in bug bounties for 364 vulnerabilities in 2022, reaching a total of nearly $4 million since 2016. The post GitHub Paid Out $1.5 Million in Bug Bounties in 2022 appeared

React to this headline:

GitHub Paid Out $1.5 Million in Bug Bounties in 2022 Read More »

Chrome 116 Patches 26 Vulnerabilities

Chrome, Vulnerabilities / SecurityTicks

Chrome 116 Patches 26 Vulnerabilities 16/08/2023 at 15:00 By Ionut Arghire Google has released Chrome 116 with patches for 26 vulnerabilities and plans to ship weekly security updates for the popular web browser. The post Chrome 116 Patches 26 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Chrome 116 Patches 26 Vulnerabilities Read More »