Vulnerabilities - Security Ticks

Companies Respond to ‘Downfall’ Intel CPU Vulnerability

Endpoint Security, Vulnerabilities / SecurityTicks

Companies Respond to ‘Downfall’ Intel CPU Vulnerability 18/08/2023 at 15:49 By Eduard Kovacs Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs. The post Companies Respond to ‘Downfall’ Intel CPU Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to […]

React to this headline:

Companies Respond to ‘Downfall’ Intel CPU Vulnerability Read More »

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results

Application Security, Supply Chain Security, Vulnerabilities / SecurityTicks

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results 17/08/2023 at 20:46 By Ryan Naraine Google sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage. The post Google Brings AI Magic to Fuzz Testing With Eye-Opening Results appeared first on SecurityWeek. This article is an

React to this headline:

Google Brings AI Magic to Fuzz Testing With Eye-Opening Results Read More »

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications

Cisco, Vulnerabilities / SecurityTicks

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications 17/08/2023 at 19:02 By Ionut Arghire Cisco has patched high-severity vulnerabilities in enterprise applications that could lead to privilege escalation, SQL injection, and denial-of-service. The post Cisco Patches High-Severity Vulnerabilities in Enterprise Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Cisco Patches High-Severity Vulnerabilities in Enterprise Applications Read More »

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning

Citrix, exploited, Featured, Vulnerabilities / SecurityTicks

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning 17/08/2023 at 12:18 By Eduard Kovacs Exploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog. The post Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning appeared first on SecurityWeek. This article is

React to this headline:

Exploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues Warning Read More »

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution

Ivanti, Vulnerabilities / SecurityTicks

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution 16/08/2023 at 16:45 By Ionut Arghire Ivanti has patched critical- and high-severity vulnerabilities with the latest release of Avalanche, its enterprise mobile device management solution. The post Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution Read More »

GitHub Paid Out $1.5 Million in Bug Bounties in 2022

Management & Strategy, Vulnerabilities / SecurityTicks

GitHub Paid Out $1.5 Million in Bug Bounties in 2022 16/08/2023 at 15:00 By Ionut Arghire GitHub says it paid out more than $1.5 million in bug bounties for 364 vulnerabilities in 2022, reaching a total of nearly $4 million since 2016. The post GitHub Paid Out $1.5 Million in Bug Bounties in 2022 appeared

React to this headline:

GitHub Paid Out $1.5 Million in Bug Bounties in 2022 Read More »

Chrome 116 Patches 26 Vulnerabilities

Chrome, Vulnerabilities / SecurityTicks

Chrome 116 Patches 26 Vulnerabilities 16/08/2023 at 15:00 By Ionut Arghire Google has released Chrome 116 with patches for 26 vulnerabilities and plans to ship weekly security updates for the popular web browser. The post Chrome 116 Patches 26 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Chrome 116 Patches 26 Vulnerabilities Read More »

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability

Malware & Threats, Vulnerabilities / SecurityTicks

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability 15/08/2023 at 19:47 By Ionut Arghire A threat actor has exploited a recent Citrix vulnerability (CVE-2023-3519) to infect roughly 2,000 NetScaler instances with a backdoor. The post 2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

2,000 Citrix NetScaler Instances Backdoored via Recent Vulnerability Read More »

Power Management Product Flaws Can Expose Data Centers to Damaging Attacks, Spying

data center, power, Vulnerabilities / SecurityTicks

Power Management Product Flaws Can Expose Data Centers to Damaging Attacks, Spying 14/08/2023 at 16:16 By Eduard Kovacs Vulnerabilities in CyberPower and Dataprobe power management products could be exploited in data center attacks, including to cause damage and for spying. The post Power Management Product Flaws Can Expose Data Centers to Damaging Attacks, Spying appeared

React to this headline:

Power Management Product Flaws Can Expose Data Centers to Damaging Attacks, Spying Read More »

Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles

car hacking, Ford, Mobile & Wireless, Vulnerabilities, Wi-Fi / SecurityTicks

Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles 14/08/2023 at 13:46 By Ionut Arghire Ford says a critical vulnerability in the TI Wi-Fi driver of the SYNC 3 infotainment system on certain vehicle models does not pose a safety risk. The post Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles appeared

React to this headline:

Ford Says Wi-Fi Vulnerability Not a Safety Risk to Vehicles Read More »

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking

ATM, Endpoint Security, Featured, Vulnerabilities, vulnerability / SecurityTicks

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking 14/08/2023 at 13:46 By Eduard Kovacs Several vulnerabilities discovered in Iagona ScrutisWeb ATM fleet monitoring software could be exploited to remotely hack ATMs. The post Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking Read More »

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities

Government, In Other News, Malware & Threats, Vulnerabilities / SecurityTicks

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities 11/08/2023 at 17:18 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 7, 2023. The post In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities appeared first

React to this headline:

In Other News: macOS Security Reports, Keyboard Spying, VPN Vulnerabilities Read More »

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio

.NET, CISA, Featured, Microsoft, Vulnerabilities, Zero-Day / SecurityTicks

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio 10/08/2023 at 12:33 By Eduard Kovacs CISA has added CVE-2023-38180, a zero-day vulnerability affecting .NET and Visual Studio, to its Known Exploited Vulnerabilities Catalog. The post CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio appeared first on SecurityWeek. This article is an excerpt

React to this headline:

CISA Warns Organizations of Exploited Vulnerability Affecting .NET, Visual Studio Read More »

Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files

NAS, Vulnerabilities, WD / SecurityTicks

Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files 09/08/2023 at 21:03 By Eduard Kovacs Critical vulnerabilities discovered in WD and Synology NAS devices could have exposed the files of millions of users. The post Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Western Digital, Synology NAS Vulnerabilities Exposed Millions of Users’ Files Read More »

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year

bug bounty program, Microsoft, Vulnerabilities / SecurityTicks

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year 09/08/2023 at 17:03 By Eduard Kovacs For the fourth consecutive year, Microsoft has paid out more than $13 million through its bug bounty programs. The post Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year appeared first on

React to this headline:

Microsoft Paid Out $13 Million via Bug Bounty Programs for Fourth Consecutive Year Read More »

Intel Addresses 80 Firmware, Software Vulnerabilities

Endpoint Security, Intel, patch, Patch Tuesday, Vulnerabilities / SecurityTicks

Intel Addresses 80 Firmware, Software Vulnerabilities 09/08/2023 at 15:17 By Eduard Kovacs Intel has addressed 80 vulnerabilities affecting its products, including 18 high-severity privilege escalation and DoS flaws. The post Intel Addresses 80 Firmware, Software Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Intel Addresses 80 Firmware, Software Vulnerabilities Read More »

SAP Patches Critical Vulnerability in PowerDesigner Product

SAP, Vulnerabilities, vulnerability / SecurityTicks

SAP Patches Critical Vulnerability in PowerDesigner Product 09/08/2023 at 13:31 By Eduard Kovacs SAP has fixed over a dozen new vulnerabilities with its Patch Tuesday updates, including a critical flaw in its PowerDesigner product. The post SAP Patches Critical Vulnerability in PowerDesigner Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

SAP Patches Critical Vulnerability in PowerDesigner Product Read More »

New ‘Inception’ Side-Channel Attack Targets AMD Processors

Amd, CPU, Endpoint Security, Vulnerabilities / SecurityTicks

New ‘Inception’ Side-Channel Attack Targets AMD Processors 09/08/2023 at 12:17 By Eduard Kovacs Researchers have disclosed the details of a new side-channel attack targeting AMD CPUs named Inception. The post New ‘Inception’ Side-Channel Attack Targets AMD Processors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

New ‘Inception’ Side-Channel Attack Targets AMD Processors Read More »

Downfall: New Intel CPU Attack Exposing Sensitive Information

CPU, Endpoint Security, Featured, Intel, Vulnerabilities / SecurityTicks

Downfall: New Intel CPU Attack Exposing Sensitive Information 09/08/2023 at 09:32 By Eduard Kovacs Google researcher discloses the details of an Intel CPU attack method named Downfall that may be remotely exploitable. The post Downfall: New Intel CPU Attack Exposing Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Downfall: New Intel CPU Attack Exposing Sensitive Information Read More »

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days

Cyberwarfare, Microsoft, Nation-State, patch, Patch Tuesday, Vulnerabilities / SecurityTicks

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days 08/08/2023 at 23:17 By Ryan Naraine Patch Tuesday: A month after confirming active exploitation of Office code execution flaws, Microsoft has shipped patches for multiple affected products. The post Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days Read More »