Vulnerabilities

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

China, CVE-2024-38812, CVE-2024-38813, Matrix CUp, vCenter Server, VMWare, Vulnerabilities /

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest 2024-09-17 at 22:31 By Ryan Naraine VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10. The post VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest appeared first on […]

React to this headline:

Loading spinner

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest Read More »

D-Link Patches Critical Router Vulnerabilities

D-Link, router, Vulnerabilities /

D-Link Patches Critical Router Vulnerabilities 2024-09-17 at 17:34 By Ionut Arghire D-Link has released patches for critical vulnerabilities that could allow attackers to execute arbitrary code and commands on routers. The post D-Link Patches Critical Router Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

D-Link Patches Critical Router Vulnerabilities Read More »

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies

email security, Emerging Threats, Managed Detection and Response, Security Research, Threat Intelligence, Vulnerabilities /

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies 2024-09-17 at 16:01 By ALPHV, also known as BlackCat or Noberus, is a sophisticated ransomware group targeting critical infrastructure and various organizations, including being the most active group used to attack the financial services sector. This article is an excerpt from Trustwave Blog View Original

React to this headline:

Loading spinner

ALPHV BlackCat Ransomware: A Technical Deep Dive and Mitigation Strategies Read More »

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season

email security, Emerging Threats, Government, Security Research, Threat Intelligence, Vulnerabilities /

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season 2024-09-17 at 16:01 By The US election is less than 70 days away and threat actors are busy crafting malicious spam that uses candidate names and political themes as social engineering tools to convince recipients to open their emails. This article is an excerpt

React to this headline:

Loading spinner

Spam With A Political Twist: Fraudsters Are Exploiting The Election Season Read More »

Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks

exploited, Featured, Ransomware, Vulnerabilities, WhatsUp Gold /

Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks 2024-09-17 at 13:01 By Eduard Kovacs Two recently patched Progress Software WhatsUp Gold vulnerabilities may have been exploited in the wild, possibly in ransomware attacks. The post Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks Read More »

Apple Patches Major Security Flaws with iOS 18 Refresh

apple, iOS 18, iPadOS, iPhone, macOS, Vulnerabilities /

Apple Patches Major Security Flaws with iOS 18 Refresh 2024-09-16 at 23:13 By Ryan Naraine Apple warns that attackers can use Siri to access sensitive user data, control nearby devices, or view recent photos without authentication.  The post Apple Patches Major Security Flaws with iOS 18 Refresh appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Apple Patches Major Security Flaws with iOS 18 Refresh Read More »

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

exploited, Vulnerabilities, Windows, Zero-Day /

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day 2024-09-16 at 14:46 By Ionut Arghire Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024. The post Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day Read More »

Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure

exploited, Ivanti, Vulnerabilities /

Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure 2024-09-16 at 12:31 By Eduard Kovacs The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure. The post Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure Read More »

SolarWinds Patches Critical Vulnerability in Access Rights Manager

SolarWinds, Vulnerabilities, vulnerability /

SolarWinds Patches Critical Vulnerability in Access Rights Manager 2024-09-16 at 12:31 By Ionut Arghire SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager. The post SolarWinds Patches Critical Vulnerability in Access Rights Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

SolarWinds Patches Critical Vulnerability in Access Rights Manager Read More »

Apple Suddenly Drops NSO Group Spyware Lawsuit

apple, Featured, iOS, Nation-State, nso group, surveillance, Vulnerabilities, WhatApp /

Apple Suddenly Drops NSO Group Spyware Lawsuit 2024-09-14 at 00:01 By Ryan Naraine Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case. The post Apple Suddenly Drops NSO Group Spyware Lawsuit appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Suddenly Drops NSO Group Spyware Lawsuit Read More »

In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit

In Other News, Vulnerabilities /

In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit 2024-09-13 at 16:31 By SecurityWeek News Noteworthy stories that might have slipped under the radar: a possible Adobe Reader zero-day, researchers mistakenly hijack .mobi TLD, and an exploited WhatsApp View Once bypass. The post In Other News: Possible Adobe Reader Zero-Day, Hijacking

React to this headline:

Loading spinner

In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit Read More »

Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks

apple, Vision Pro, Vulnerabilities /

Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks 2024-09-13 at 16:31 By Eduard Kovacs Apple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys. The post Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks Read More »

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media

Artificial Intelligence, Emerging Threats, Government, Managed Security Services, Threat Intelligence, Vulnerabilities /

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media 2024-09-13 at 16:01 By Jose Tozo With the US election on the horizon, it’s a good time to explore the concept of social media weaponization and its use in asymmetrically manipulating public opinion through bots, automation, AI, and shady

React to this headline:

Loading spinner

Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media Read More »

GitLab Updates Resolve Critical Pipeline Execution Vulnerability

GitLab, Vulnerabilities, vulnerability /

GitLab Updates Resolve Critical Pipeline Execution Vulnerability 2024-09-13 at 12:16 By Ionut Arghire GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw. The post GitLab Updates Resolve Critical Pipeline Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

GitLab Updates Resolve Critical Pipeline Execution Vulnerability Read More »

Palo Alto Networks Patches Dozens of Vulnerabilities 

Palo Alto Networks, Vulnerabilities, vulnerability /

Palo Alto Networks Patches Dozens of Vulnerabilities  2024-09-12 at 16:46 By Eduard Kovacs Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser. The post Palo Alto Networks Patches Dozens of Vulnerabilities  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Palo Alto Networks Patches Dozens of Vulnerabilities  Read More »

How Phishing-as-a-Service Exposes Financial Services to Extensive Threats

data breach, email security, Reports, Security Research, Threat Intelligence, Vulnerabilities /

How Phishing-as-a-Service Exposes Financial Services to Extensive Threats 2024-09-12 at 16:01 By Phishing remains the favored and most successful method of obtaining an initial foothold in a targeted organization. So it should come as no surprise that threat actors have developed turnkey solutions that enable even low-skilled hackers to conduct successful email attacks. This article

React to this headline:

Loading spinner

How Phishing-as-a-Service Exposes Financial Services to Extensive Threats Read More »

Cisco Patches High-Severity Vulnerabilities in Network Operating System

Cisco, Vulnerabilities /

Cisco Patches High-Severity Vulnerabilities in Network Operating System 2024-09-12 at 14:46 By Ionut Arghire Cisco has announced security updates that patch eight vulnerabilities in IOS XR software, including six high-severity bugs. The post Cisco Patches High-Severity Vulnerabilities in Network Operating System appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Cisco Patches High-Severity Vulnerabilities in Network Operating System Read More »

Intel Informs Customers About Over a Dozen Processor Vulnerabilities

Chipmaker Patch Tuesday, Intel, Vulnerabilities, vulnerability /

Intel Informs Customers About Over a Dozen Processor Vulnerabilities 2024-09-11 at 17:16 By Eduard Kovacs Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products. The post Intel Informs Customers About Over a Dozen Processor Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Intel Informs Customers About Over a Dozen Processor Vulnerabilities Read More »

Insider Threats: The Hidden Enemy Within Financial Services

Managed Detection and Response, Reports, Security Research, Threat Intelligence, Vulnerabilities /

Insider Threats: The Hidden Enemy Within Financial Services 2024-09-11 at 16:02 By Financial services organizations already face a dizzying array of external threats, but just as dangerous and often harder to spot are the threats posed by people inside their firm, according to the Trustwave SpiderLabs’ Financial Services Deep Dive: Insider Threat. This article is an

React to this headline:

Loading spinner

Insider Threats: The Hidden Enemy Within Financial Services Read More »

Ivanti Patches Critical Vulnerabilities in Endpoint Manager

Ivanti, Vulnerabilities, vulnerability /

Ivanti Patches Critical Vulnerabilities in Endpoint Manager 2024-09-11 at 14:01 By Ionut Arghire Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control. The post Ivanti Patches Critical Vulnerabilities in Endpoint Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Ivanti Patches Critical Vulnerabilities in Endpoint Manager Read More »

Scroll to Top