Vulnerabilities

BIND Updates Patch Two High-Severity DoS Vulnerabilities

Vulnerabilities /

BIND Updates Patch Two High-Severity DoS Vulnerabilities 22/09/2023 at 15:17 By Ionut Arghire The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely. The post BIND Updates Patch Two High-Severity DoS Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source […]

React to this headline:

Loading spinner

BIND Updates Patch Two High-Severity DoS Vulnerabilities Read More »

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

apple, exploited, Featured, Mobile & Wireless, spyware, Vulnerabilities, Zero-Day /

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones 22/09/2023 at 13:31 By Eduard Kovacs Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones. The post Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones Read More »

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade

car hacking, IoT Security, Vulnerabilities /

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade 21/09/2023 at 15:31 By Eduard Kovacs An automotive cybersecurity study shows that critical-risk vulnerabilities have decreased in the past decade. The post Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade Read More »

GitLab Patches Critical Pipeline Execution Vulnerability

GitLab, Vulnerabilities /

GitLab Patches Critical Pipeline Execution Vulnerability 20/09/2023 at 15:31 By Ionut Arghire GitLab has released security updates to address a critical-severity vulnerability allowing an attacker to run pipelines as another user. The post GitLab Patches Critical Pipeline Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

GitLab Patches Critical Pipeline Execution Vulnerability Read More »

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems

Vulnerabilities, vulnerability /

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems 20/09/2023 at 15:31 By Eduard Kovacs Atos Unify product vulnerabilities could be exploited to cause disruption and reconfigure or backdoor the targeted system.  The post Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems Read More »

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Endpoint Security, exploited, Trend Micro, Vulnerabilities, Zero-Day /

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products 19/09/2023 at 15:47 By Eduard Kovacs Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks.  The post Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products Read More »

Thousands of Juniper Appliances Vulnerable to New Exploit 

exploited, Juniper, Vulnerabilities /

Thousands of Juniper Appliances Vulnerable to New Exploit  19/09/2023 at 15:47 By Ionut Arghire VulnCheck details a new fileless exploit targeting a recent Junos OS vulnerability that thousands of devices have not been patched against. The post Thousands of Juniper Appliances Vulnerable to New Exploit  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Thousands of Juniper Appliances Vulnerable to New Exploit  Read More »

Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd

Featured, Vulnerabilities /

Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd 19/09/2023 at 14:24 By Kevin Townsend SecurityWeek interviews Casey Ellis, founder, chairman and CTO at Bugcrowd, best known for operating bug bounty programs for organizations. The post Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd Read More »

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates

Endpoint Security, Management & Strategy, Vulnerabilities /

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates 18/09/2023 at 18:09 By Ionut Arghire Google Chromebooks released from 2021 and onwards will receive automatic updates, including security patches, for 10 years. The post Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Extends Chromebook Lifespan, Promises 10 Years of Automatic Updates Read More »

Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products

Fortinet, Vulnerabilities /

Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products 18/09/2023 at 16:33 By Ionut Arghire Fortinet has released patches for a high-severity cross-site scripting vulnerability impacting its enterprise firewalls and switches. The post Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Fortinet Patches High-Severity Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products Read More »

Kubernetes Vulnerability Leads to Remote Code Execution

cloud security, Kubernetes, Vulnerabilities /

Kubernetes Vulnerability Leads to Remote Code Execution 14/09/2023 at 16:50 By Ionut Arghire A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster. The post Kubernetes Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Kubernetes Vulnerability Leads to Remote Code Execution Read More »

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery

Azure, cloud security, Vulnerabilities, XSS /

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery 14/09/2023 at 16:18 By Ionut Arghire Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery. The post Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery Read More »

SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA

SAP, Vulnerabilities /

SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA 13/09/2023 at 15:20 By Ionut Arghire SAP has released patches for a critical vulnerability impacting multiple enterprise applications, including NetWeaver and S/4HANA. The post SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

SAP Patches Critical Vulnerability Impacting NetWeaver, S/4HANA Read More »

CISA Offering Free Vulnerability Scanning Service to Water Utilities

ICS/OT, Vulnerabilities, vulnerability, Water /

CISA Offering Free Vulnerability Scanning Service to Water Utilities 13/09/2023 at 15:20 By Eduard Kovacs CISA is offering a free vulnerability scanning service to water utilities to help them protect drinking water and wastewater systems against cyberattacks. The post CISA Offering Free Vulnerability Scanning Service to Water Utilities appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

CISA Offering Free Vulnerability Scanning Service to Water Utilities Read More »

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits

Malware & Threats, Microsoft, Microsoft Office, Nation-State, Patch Tuesday, Vulnerabilities, Zero-Day /

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits 12/09/2023 at 22:16 By Ryan Naraine Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild. The post Zero Day Summer: Microsoft Warns of Fresh New Software Exploits appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Zero Day Summer: Microsoft Warns of Fresh New Software Exploits Read More »

Adobe Says Critical PDF Reader Zero-Day Being Exploited 

Adobe, CVE-2023-26369, Data Breaches, Nation-State, reader, Vulnerabilities /

Adobe Says Critical PDF Reader Zero-Day Being Exploited  12/09/2023 at 19:47 By Ryan Naraine Adobe raises an alarm for new in-the-wild zero-day attacks hitting users of its widely deployed Adobe Acrobat and Reader product. The post Adobe Says Critical PDF Reader Zero-Day Being Exploited  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Adobe Says Critical PDF Reader Zero-Day Being Exploited  Read More »

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters

Chrome, exploited, Featured, spyware, Vulnerabilities, Zero-Day /

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters 12/09/2023 at 12:01 By Ionut Arghire Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023. The post Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters Read More »

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices

ICS/OT, UPS, Vulnerabilities /

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices 11/09/2023 at 13:16 By Eduard Kovacs A researcher has found 7 vulnerabilities in Socomec UPS products that can be exploited to hijack and disrupt devices.  The post Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Vulnerabilities Allow Hackers to Hijack, Disrupt Socomec UPS Devices Read More »

In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach 

Cyberwarfare, Data Breaches, In Other News, Vulnerabilities /

In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach  08/09/2023 at 17:31 By SecurityWeek News Noteworthy stories that might have slipped under the radar: LastPass vault hacking, Russia targets energy facility in Ukraine, NXP data breach. The post In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach 

React to this headline:

Loading spinner

In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach  Read More »

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks

Cisco, Featured, Malware & Threats, Vulnerabilities, Zero-Day /

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks 08/09/2023 at 17:31 By Ionut Arghire Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks. The post Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks Read More »

Scroll to Top