Vulnerabilities - Security Ticks

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices

AMI, BMC, Endpoint Security, Vulnerabilities / SecurityTicks

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices 20/07/2023 at 21:18 By Eduard Kovacs Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause physical damage. The post New AMI BMC Flaws Allowing Takeover and […]

React to this headline:

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices Read More »

Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities

Adobe, ColdFusion, exploited, Vulnerabilities / SecurityTicks

Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities 20/07/2023 at 12:20 By Eduard Kovacs Adobe releases a second round of patches for recent ColdFusion vulnerabilities, including flaws that have been exploited in attacks. The post Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities Read More »

Chrome 115 Patches 20 Vulnerabilities

Vulnerabilities / SecurityTicks

Chrome 115 Patches 20 Vulnerabilities 19/07/2023 at 13:32 By Ionut Arghire Chrome 115 released with patches for 20 vulnerabilities, including 11 reported by external researchers, who earned thousands of dollars in bug bounties. The post Chrome 115 Patches 20 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Chrome 115 Patches 20 Vulnerabilities Read More »

Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned

Citrix, exploited, Vulnerabilities, Zero-Day / SecurityTicks

Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned 19/07/2023 at 13:32 By Eduard Kovacs Citrix has patched several vulnerabilities, including CVE-2023-3519, a critical remote code execution zero-day that has been exploited in attacks. The post Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned appeared first on SecurityWeek. This article is an

React to this headline:

Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned Read More »

Oracle Releases 508 New Security Patches With July 2023 CPU

Oracle, Vulnerabilities / SecurityTicks

Oracle Releases 508 New Security Patches With July 2023 CPU 19/07/2023 at 13:32 By Ionut Arghire Oracle has released 508 new security patches as part of the July 2023 CPU, including more than 70 that address critical vulnerabilities The post Oracle Releases 508 New Security Patches With July 2023 CPU appeared first on SecurityWeek. This

React to this headline:

Oracle Releases 508 New Security Patches With July 2023 CPU Read More »

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks

Adobe, ColdFusion, exploited, Featured, Vulnerabilities / SecurityTicks

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks 18/07/2023 at 14:19 By Eduard Kovacs At least two new Adobe ColdFusion vulnerabilities have been exploited in the wild, including one that has not been completely patched by the software giant. The post Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article

React to this headline:

Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks Read More »

Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw

Adobe, exploited, Vulnerabilities / SecurityTicks

Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw 17/07/2023 at 13:31 By Ionut Arghire Adobe patches critical code execution vulnerability in ColdFusion for which a proof-of-concept (PoC) blog exists. The post Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Exploitation of ColdFusion Vulnerability Reported as Adobe Patches Another Critical Flaw Read More »

Critical Cisco SD-WAN Vulnerability Leads to Information Leaks

Vulnerabilities / SecurityTicks

Critical Cisco SD-WAN Vulnerability Leads to Information Leaks 14/07/2023 at 15:34 By Ionut Arghire A critical vulnerability in the Cisco SD-WAN vManage software could allow unauthenticated attackers to retrieve information from vulnerable instances. The post Critical Cisco SD-WAN Vulnerability Leads to Information Leaks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Critical Cisco SD-WAN Vulnerability Leads to Information Leaks Read More »

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability

Lemmy, Vulnerabilities, XSS / SecurityTicks

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability 14/07/2023 at 14:34 By Eduard Kovacs Several instances of the Reddit alternative Lemmy were hacked in recent days by attackers who had exploited a zero-day vulnerability. The post Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Hackers Target Reddit Alternative Lemmy via Zero-Day Vulnerability Read More »

Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day

Featured, Vulnerabilities, Zero-Day, Zimbra / SecurityTicks

Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day 14/07/2023 at 13:06 By Eduard Kovacs Google researchers have discovered that a Zimbra zero-day vulnerability has been exploited in the wild, with users being advised to manually patch their installations. The post Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day appeared first on SecurityWeek. This article is

React to this headline:

Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day Read More »

API Flaw in QuickBlox Framework Exposed PII of Millions of Users

API, Application Security, Vulnerabilities / SecurityTicks

API Flaw in QuickBlox Framework Exposed PII of Millions of Users 13/07/2023 at 21:18 By Kevin Townsend QuickBlox SDK and API vulnerabilities impact chat and video applications used by industries including telemedicine, smart IoT, and finance. The post API Flaw in QuickBlox Framework Exposed PII of Millions of Users appeared first on SecurityWeek. This article

React to this headline:

API Flaw in QuickBlox Framework Exposed PII of Millions of Users Read More »

Popular WordPress Security Plugin Caught Logging Plaintext Passwords

Vulnerabilities / SecurityTicks

Popular WordPress Security Plugin Caught Logging Plaintext Passwords 13/07/2023 at 17:46 By Ionut Arghire The All-In-One Security (AIOS) WordPress plugin was found to be writing plaintext passwords to log files. The post Popular WordPress Security Plugin Caught Logging Plaintext Passwords appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Juniper Networks Patches High-Severity Vulnerabilities in Junos OS

Juniper, Vulnerabilities / SecurityTicks

Juniper Networks Patches High-Severity Vulnerabilities in Junos OS 13/07/2023 at 15:31 By Ionut Arghire Juniper Networks has patched multiple high-severity vulnerabilities in Junos OS, Junos OS Evolved, and Junos Space. The post Juniper Networks Patches High-Severity Vulnerabilities in Junos OS appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Juniper Networks Patches High-Severity Vulnerabilities in Junos OS Read More »

SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products

SonicWall, Vulnerabilities / SecurityTicks

SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products 13/07/2023 at 14:47 By Ionut Arghire SonicWall patches four critical-severity vulnerabilities in its Global Management System (GMS) and Analytics products. The post SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

SonicWall Patches Critical Vulnerabilities in GMS, Analytics Products Read More »

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue

Vulnerabilities / SecurityTicks

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue 13/07/2023 at 14:47 By Eduard Kovacs Apple has re-released its Rapid Security Response updates for iOS and macOS after fixing a website access issue caused by the original patches. The post Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue appeared first

React to this headline:

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue Read More »

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure

exploit, Featured, ICS, ICS/OT, Malware & Threats, Rockwell Automation, Vulnerabilities / SecurityTicks

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure 13/07/2023 at 13:32 By Eduard Kovacs Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could use it to target critical infrastructure. The post APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure appeared first on

React to this headline:

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure Read More »

Hardcoded Accounts Allow Full Takeover of Technicolor Routers

Network Security, Vulnerabilities / SecurityTicks

Hardcoded Accounts Allow Full Takeover of Technicolor Routers 12/07/2023 at 19:00 By Ionut Arghire Multiple hardcoded accounts on the Technicolor TG670 DSL gateway router can be used to completely take over the impacted devices. The post Hardcoded Accounts Allow Full Takeover of Technicolor Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Hardcoded Accounts Allow Full Takeover of Technicolor Routers Read More »

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies

Vulnerabilities / SecurityTicks

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies 12/07/2023 at 19:00 By Kevin Townsend Bugcrowd’s Inside the Mind of the Hacker report shows the speed and efficiency of hackers adopting new technologies to assist their hunting The post Inside the Mind of the Hacker: Report Shows

React to this headline:

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies Read More »

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu

Vulnerabilities / SecurityTicks

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu 12/07/2023 at 15:33 By Ionut Arghire Citrix has patched a critical-severity vulnerability in Secure Access client for Ubuntu that could lead to remote code execution (RCE). The post Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu appeared first on SecurityWeek. This article is

React to this headline:

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu Read More »

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution

Fortinet, Vulnerabilities, vulnerability / SecurityTicks

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution 12/07/2023 at 14:54 By Ionut Arghire Fortinet patches a critical-severity vulnerability in FortiOS and FortiProxy that could lead to remote code execution. The post Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution Read More »