Vulnerabilities - Security Ticks

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own

mikrotik, Network Security, Vulnerabilities / SecurityTicks

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own 23/05/2023 at 21:33 By Ryan Naraine MikroTik patches a major security defect in its RouterOS product a full five months after it was exploited at Pwn2Own Toronto. The post Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own Read More »

Samsung Smartphone Users Warned of Actively Exploited Vulnerability

Featured, Mobile & Wireless, Samsung, Vulnerabilities / SecurityTicks

Samsung Smartphone Users Warned of Actively Exploited Vulnerability 22/05/2023 at 12:50 By Eduard Kovacs Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor. The post Samsung Smartphone Users Warned of Actively Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Samsung Smartphone Users Warned of Actively Exploited Vulnerability Read More »

Pimcore Platform Flaws Exposed Users to Code Execution

Supply Chain Security, Vulnerabilities / SecurityTicks

Pimcore Platform Flaws Exposed Users to Code Execution 19/05/2023 at 23:09 By Ionut Arghire Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks. The post Pimcore Platform Flaws Exposed Users to Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Pimcore Platform Flaws Exposed Users to Code Execution Read More »

Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities

apple, Featured, Mobile & Wireless, Vulnerabilities, Zero-Day / SecurityTicks

Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities 19/05/2023 at 13:05 By Eduard Kovacs Apple has patched 3 zero-days, two of which are the vulnerabilities patched with the tech giant’s first Rapid Security Response updates. The post Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities Read More »

Google Announces New Rating System for Android and Device Vulnerability Reports

Mobile & Wireless, Vulnerabilities / SecurityTicks

Google Announces New Rating System for Android and Device Vulnerability Reports 18/05/2023 at 17:00 By Ionut Arghire Google is updating its vulnerability reports rating system to encourage researchers to provide more details on the reported bugs. The post Google Announces New Rating System for Android and Device Vulnerability Reports appeared first on SecurityWeek. This article

React to this headline:

Google Announces New Rating System for Android and Device Vulnerability Reports Read More »

PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords

KeePass, password, Vulnerabilities / SecurityTicks

PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords 18/05/2023 at 15:30 By Ionut Arghire Researcher publishes PoC tool that exploits unpatched KeePass vulnerability to retrieve the master password from memory. The post PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords Read More »

Cisco Says PoC Exploits Available for Newly Patched Enterprise Switch Vulnerabilities

Vulnerabilities / SecurityTicks

Cisco Says PoC Exploits Available for Newly Patched Enterprise Switch Vulnerabilities 18/05/2023 at 15:30 By Ionut Arghire Cisco has released patches for critical vulnerabilities in small business switches for which public proof-of-concept (PoC) code exists. The post Cisco Says PoC Exploits Available for Newly Patched Enterprise Switch Vulnerabilities appeared first on SecurityWeek. This article is

React to this headline:

Cisco Says PoC Exploits Available for Newly Patched Enterprise Switch Vulnerabilities Read More »

Chrome 113 Security Update Patches Critical Vulnerability

Vulnerabilities / SecurityTicks

Chrome 113 Security Update Patches Critical Vulnerability 17/05/2023 at 15:10 By Ionut Arghire Google has released a Chrome 113 update to patch 12 vulnerabilities, including a critical use-after-free flaw. The post Chrome 113 Security Update Patches Critical Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Chrome 113 Security Update Patches Critical Vulnerability Read More »

Cisco Routers Exploited by Russian State-Sponsored Attackers

APT28 Exploits, Cisco, CVE-2017-6742, FBI, India, IOS Routers, IOS XE Software, Jaguar Tooth, Malware, MIBs, Russia, SNMP, TETP, Vulnerabilities / SecurityTicks

Cisco Routers Exploited by Russian State-Sponsored Attackers 16/05/2023 at 16:53 By cybleinc Jaguar Tooth Malware deployed via exploitation of SNMP Vulnerability On April 18, 2023, the Cybersecurity and Infrastructure Agency (CISA), the US Federal Bureau of Investigation (FBI) & UK National Cyber Security Centre released the cybersecurity advisory “APT28 Exploits Known Vulnerability to Carry Out

React to this headline:

Cisco Routers Exploited by Russian State-Sponsored Attackers Read More »

Teltonika Vulnerabilities Could Expose Thousands of Industrial Organizations to Remote Attacks

Featured, ICS, ICS/OT, Vulnerabilities, vulnerability / SecurityTicks

Teltonika Vulnerabilities Could Expose Thousands of Industrial Organizations to Remote Attacks 16/05/2023 at 16:09 By Eduard Kovacs Critical vulnerabilities found in Teltonika products by industrial cybersecurity firms Otorio and Claroty expose thousands of internet-exposed devices to attacks. The post Teltonika Vulnerabilities Could Expose Thousands of Industrial Organizations to Remote Attacks appeared first on SecurityWeek. This

React to this headline:

Teltonika Vulnerabilities Could Expose Thousands of Industrial Organizations to Remote Attacks Read More »

WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch

Vulnerabilities, WordPress / SecurityTicks

WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch 15/05/2023 at 17:47 By Ionut Arghire PoC exploit targeting an XSS vulnerability in the Advanced Custom Fields WordPress plugin started being used in malicious attacks two days after patch. The post WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch

React to this headline:

WordPress Field Builder Plugin Vulnerability Exploited in Attacks Two Days After Patch Read More »

CISA: Several Old Linux Vulnerabilities Exploited in Attacks

CISA, Vulnerabilities, vulnerability / SecurityTicks

CISA: Several Old Linux Vulnerabilities Exploited in Attacks 15/05/2023 at 13:12 By Eduard Kovacs Several old Linux vulnerabilities for which there are no public reports of malicious exploitation have been added to CISA’s KEV catalog. The post CISA: Several Old Linux Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

CISA: Several Old Linux Vulnerabilities Exploited in Attacks Read More »

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

Ferrari, Vulnerabilities, WordPress / SecurityTicks

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers 12/05/2023 at 20:45 By Eduard Kovacs A vulnerability in a WordPress plugin exposed the official website of sports car maker Ferrari to hacker attacks. The post WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers Read More »

1 Million WordPress Sites Impacted by Exploited Plugin Vulnerability

Malware & Threats, Vulnerabilities / SecurityTicks

1 Million WordPress Sites Impacted by Exploited Plugin Vulnerability 12/05/2023 at 12:25 By Ionut Arghire Exploitation of a critical vulnerability in the Essential Addons for Elementor WordPress plugin started immediately after a patch was released. The post 1 Million WordPress Sites Impacted by Exploited Plugin Vulnerability appeared first on SecurityWeek. This article is an excerpt

React to this headline:

1 Million WordPress Sites Impacted by Exploited Plugin Vulnerability Read More »

Mass Event Will Let Hackers Test Limits of AI Technology

Artificial Intelligence, ChatGPT, Vulnerabilities / SecurityTicks

Mass Event Will Let Hackers Test Limits of AI Technology 11/05/2023 at 17:42 By Associated Press ChatGPT maker OpenAI, and other major AI providers such as Google and Microsoft, are coordinating with the Biden administration to let thousands of hackers take a shot at testing the limits of their technology. The post Mass Event Will

React to this headline:

Mass Event Will Let Hackers Test Limits of AI Technology Read More »

Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers

Vulnerabilities / SecurityTicks

Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers 11/05/2023 at 17:42 By Ionut Arghire Claroty has disclosed the details of 5 vulnerabilities that can be chained in an exploit allowing unauthenticated attackers to hack Netgear routers. The post Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers appeared first on

React to this headline:

Details Disclosed for Exploit Chain That Allows Hacking of Netgear Routers Read More »

Microsoft Makes Second Attempt to Patch Recent Outlook Zero-Day

Microsoft, Vulnerabilities, Zero-Day / SecurityTicks

Microsoft Makes Second Attempt to Patch Recent Outlook Zero-Day 11/05/2023 at 15:45 By Ionut Arghire Microsoft has rolled out patches for a vulnerability allowing attackers to bypass mitigations for a critical Outlook zero-day leading to credentials theft. The post Microsoft Makes Second Attempt to Patch Recent Outlook Zero-Day appeared first on SecurityWeek. This article is

React to this headline:

Microsoft Makes Second Attempt to Patch Recent Outlook Zero-Day Read More »

SAP Patches Critical Vulnerabilities With May 2023 Security Updates

Vulnerabilities / SecurityTicks

SAP Patches Critical Vulnerabilities With May 2023 Security Updates 10/05/2023 at 14:47 By Ionut Arghire SAP released 18 new security notes on May 2023 Security Patch Day, including two that resolve critical vulnerabilities in 3D Visual Enterprise License Manager and BusinessObjects. The post SAP Patches Critical Vulnerabilities With May 2023 Security Updates appeared first on

React to this headline:

SAP Patches Critical Vulnerabilities With May 2023 Security Updates Read More »

Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulnerabilities

Vulnerabilities / SecurityTicks

Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulnerabilities 10/05/2023 at 14:47 By Eduard Kovacs Intel and AMD have informed their customers about a total of more than 100 vulnerabilities found in their products. The post Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulnerabilities Read More »

Microsoft Patch Tuesday: 40 Vulnerabilities, 2 Zero-Days

Vulnerabilities / SecurityTicks

Microsoft Patch Tuesday: 40 Vulnerabilities, 2 Zero-Days 09/05/2023 at 23:23 By Ionut Arghire Microsoft’s May 2023 security updates address a total of 40 newly documented vulnerabilities, including two flaws already exploited in attacks. The post Microsoft Patch Tuesday: 40 Vulnerabilities, 2 Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Microsoft Patch Tuesday: 40 Vulnerabilities, 2 Zero-Days Read More »