Vulnerabilities

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks 

Email, email security, Exim, Vulnerabilities /

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks  02/10/2023 at 14:48 By Eduard Kovacs Patches are being developed for serious Exim vulnerabilities that could expose many mail servers to attacks.  The post Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Loading spinner

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks  Read More »

Recently Patched TeamCity Vulnerability Exploited to Hack Servers

exploited, Featured, Vulnerabilities /

Recently Patched TeamCity Vulnerability Exploited to Hack Servers 02/10/2023 at 13:01 By Eduard Kovacs In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers. The post Recently Patched TeamCity Vulnerability Exploited to Hack Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Recently Patched TeamCity Vulnerability Exploited to Hack Servers Read More »

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks

Vulnerabilities /

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks 29/09/2023 at 16:46 By Eduard Kovacs CISA has added CVE-2018-14667, an old critical JBoss RichFaces flaw to its known exploited vulnerabilities catalog. The post CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks Read More »

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks

Apache, Vulnerabilities /

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks 29/09/2023 at 16:46 By Ionut Arghire Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations.  The post Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks appeared first on

React to this headline:

Loading spinner

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks Read More »

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Vulnerabilities /

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers 29/09/2023 at 14:31 By Ionut Arghire Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself. The post Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers Read More »

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product 

Cl0p, cybercrime, MOVEit, Progress Software, Ransomware, Vulnerabilities, WS_FTP /

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product  28/09/2023 at 22:48 By Ryan Naraine Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the underlying operating system. The post Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product 

React to this headline:

Loading spinner

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product  Read More »

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

Cisco, exploited, Featured, Vulnerabilities, Zero-Day /

Cisco Warns of IOS Software Zero-Day Exploitation Attempts 28/09/2023 at 15:32 By Ionut Arghire Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks. The post Cisco Warns of IOS Software Zero-Day Exploitation Attempts appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Cisco Warns of IOS Software Zero-Day Exploitation Attempts Read More »

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

Chrome, exploited, Featured, Vulnerabilities, Zero-Day /

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor 28/09/2023 at 13:16 By Eduard Kovacs Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor.  The post Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor Read More »

Firefox 118 Patches High-Severity Vulnerabilities

Firefox, Vulnerabilities /

Firefox 118 Patches High-Severity Vulnerabilities 27/09/2023 at 17:17 By Ionut Arghire Firefox 118 patches six high-severity vulnerabilities, including a memory leak potentially leading to sandbox escape. The post Firefox 118 Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Firefox 118 Patches High-Severity Vulnerabilities Read More »

macOS 14 Sonoma Patches 60 Vulnerabilities

apple, macOS, Vulnerabilities /

macOS 14 Sonoma Patches 60 Vulnerabilities 27/09/2023 at 15:30 By Eduard Kovacs macOS 14 Sonoma has been officially released by Apple and the latest version of the operating system patches over 60 vulnerabilities. The post macOS 14 Sonoma Patches 60 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

macOS 14 Sonoma Patches 60 Vulnerabilities Read More »

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

Vulnerabilities, vulnerability /

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover 25/09/2023 at 13:32 By Ionut Arghire A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers. The post In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover Read More »

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

CISA, CISA KEV, Government, Risk Management, Vulnerabilities /

Faster Patching Pace Validates CISA’s KEV Catalog Initiative 22/09/2023 at 15:17 By Ionut Arghire CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace. The post Faster Patching Pace Validates CISA’s KEV Catalog Initiative appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Faster Patching Pace Validates CISA’s KEV Catalog Initiative Read More »

BIND Updates Patch Two High-Severity DoS Vulnerabilities

Vulnerabilities /

BIND Updates Patch Two High-Severity DoS Vulnerabilities 22/09/2023 at 15:17 By Ionut Arghire The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely. The post BIND Updates Patch Two High-Severity DoS Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

BIND Updates Patch Two High-Severity DoS Vulnerabilities Read More »

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

apple, exploited, Featured, Mobile & Wireless, spyware, Vulnerabilities, Zero-Day /

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones 22/09/2023 at 13:31 By Eduard Kovacs Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones. The post Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones Read More »

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade

car hacking, IoT Security, Vulnerabilities /

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade 21/09/2023 at 15:31 By Eduard Kovacs An automotive cybersecurity study shows that critical-risk vulnerabilities have decreased in the past decade. The post Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade Read More »

GitLab Patches Critical Pipeline Execution Vulnerability

GitLab, Vulnerabilities /

GitLab Patches Critical Pipeline Execution Vulnerability 20/09/2023 at 15:31 By Ionut Arghire GitLab has released security updates to address a critical-severity vulnerability allowing an attacker to run pipelines as another user. The post GitLab Patches Critical Pipeline Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

GitLab Patches Critical Pipeline Execution Vulnerability Read More »

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems

Vulnerabilities, vulnerability /

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems 20/09/2023 at 15:31 By Eduard Kovacs Atos Unify product vulnerabilities could be exploited to cause disruption and reconfigure or backdoor the targeted system.  The post Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems Read More »

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products

Endpoint Security, exploited, Trend Micro, Vulnerabilities, Zero-Day /

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products 19/09/2023 at 15:47 By Eduard Kovacs Trend Micro has patched CVE-2023-41179, an Apex One zero-day code execution vulnerability that has been exploited in attacks.  The post Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Trend Micro Patches Exploited Zero-Day Vulnerability in Endpoint Security Products Read More »

Thousands of Juniper Appliances Vulnerable to New Exploit 

exploited, Juniper, Vulnerabilities /

Thousands of Juniper Appliances Vulnerable to New Exploit  19/09/2023 at 15:47 By Ionut Arghire VulnCheck details a new fileless exploit targeting a recent Junos OS vulnerability that thousands of devices have not been patched against. The post Thousands of Juniper Appliances Vulnerable to New Exploit  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Thousands of Juniper Appliances Vulnerable to New Exploit  Read More »

Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd

Featured, Vulnerabilities /

Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd 19/09/2023 at 14:24 By Kevin Townsend SecurityWeek interviews Casey Ellis, founder, chairman and CTO at Bugcrowd, best known for operating bug bounty programs for organizations. The post Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd Read More »

Scroll to Top