Vulnerabilities

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue

Vulnerabilities /

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue 13/07/2023 at 14:47 By Eduard Kovacs Apple has re-released its Rapid Security Response updates for iOS and macOS after fixing a website access issue caused by the original patches. The post Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue appeared first […]

React to this headline:

Loading spinner

Apple Re-Releases Urgent Zero-Day Patches With Fix for Website Access Issue Read More »

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure

exploit, Featured, ICS, ICS/OT, Malware & Threats, Rockwell Automation, Vulnerabilities /

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure 13/07/2023 at 13:32 By Eduard Kovacs Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could use it to target critical infrastructure. The post APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure appeared first on

React to this headline:

Loading spinner

APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure Read More »

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies

Vulnerabilities /

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies 12/07/2023 at 19:00 By Kevin Townsend Bugcrowd’s Inside the Mind of the Hacker report shows the speed and efficiency of hackers adopting new technologies to assist their hunting The post Inside the Mind of the Hacker: Report Shows

React to this headline:

Loading spinner

Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies Read More »

Hardcoded Accounts Allow Full Takeover of Technicolor Routers

Network Security, Vulnerabilities /

Hardcoded Accounts Allow Full Takeover of Technicolor Routers 12/07/2023 at 19:00 By Ionut Arghire Multiple hardcoded accounts on the Technicolor TG670 DSL gateway router can be used to completely take over the impacted devices. The post Hardcoded Accounts Allow Full Takeover of Technicolor Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Hardcoded Accounts Allow Full Takeover of Technicolor Routers Read More »

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu

Vulnerabilities /

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu 12/07/2023 at 15:33 By Ionut Arghire Citrix has patched a critical-severity vulnerability in Secure Access client for Ubuntu that could lead to remote code execution (RCE). The post Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Citrix Patches Critical Vulnerability in Secure Access Client for Ubuntu Read More »

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution

Fortinet, Vulnerabilities, vulnerability /

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution 12/07/2023 at 14:54 By Ionut Arghire Fortinet patches a critical-severity vulnerability in FortiOS and FortiProxy that could lead to remote code execution. The post Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution Read More »

SAP Patches Critical Vulnerability in ECC and S/4HANA Products

Vulnerabilities /

SAP Patches Critical Vulnerability in ECC and S/4HANA Products 12/07/2023 at 12:17 By Ionut Arghire SAP on July 2023 Security Patch Day released 16 new security notes, including one addressing a critical vulnerability in ECC and S/4HANA (IS-OIL). The post SAP Patches Critical Vulnerability in ECC and S/4HANA Products appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

SAP Patches Critical Vulnerability in ECC and S/4HANA Products Read More »

Microsoft Warns of Office Zero-Day Attacks, No Patch Available

cybercrime, Cyberwarfare, Vulnerabilities /

Microsoft Warns of Office Zero-Day Attacks, No Patch Available 11/07/2023 at 21:47 By Ryan Naraine Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite. The post Microsoft Warns of Office Zero-Day Attacks, No Patch Available appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Microsoft Warns of Office Zero-Day Attacks, No Patch Available Read More »

Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion

Application Security, Ransomware, Vulnerabilities /

Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion 11/07/2023 at 20:33 By Ryan Naraine Software maker calls special attention to CVE-2023-29300, a deserialization of untrusted data bug with a CVSS severity score of 9.8/10. The post Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Adobe Patch Tuesday: Critical Flaws Haunt InDesign, ColdFusion Read More »

Apple Ships Urgent iOS Patch for WebKit Zero-Day

apple, CVE-2023-37450, Incident Response, iOS, iPadOS, Mobile & Wireless, Vulnerabilities, WebKit, Zero-Day /

Apple Ships Urgent iOS Patch for WebKit Zero-Day 11/07/2023 at 02:02 By Ryan Naraine Apple rolls out urgent iOS and iPadOS software updates and warned that zero-day exploitation has already been detected. The post Apple Ships Urgent iOS Patch for WebKit Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Apple Ships Urgent iOS Patch for WebKit Zero-Day Read More »

Exploit Code Published for Remote Root Flaw in VMware Logging Software

Application Security, CISA, CVE-2023-20864, Network Security, VMWare, VMware aria Operations for Logs, vrealize, Vulnerabilities /

Exploit Code Published for Remote Root Flaw in VMware Logging Software 10/07/2023 at 23:02 By Ryan Naraine VMware confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches. The post Exploit Code Published for Remote Root Flaw in VMware Logging Software appeared first on SecurityWeek.

React to this headline:

Loading spinner

Exploit Code Published for Remote Root Flaw in VMware Logging Software Read More »

Critical Vulnerability Can Allow Takeover of Mastodon Servers

Mastodon, Vulnerabilities, vulnerability /

Critical Vulnerability Can Allow Takeover of Mastodon Servers 10/07/2023 at 17:17 By Ionut Arghire A critical vulnerability in the Mastodon social networking platform may allow attackers to take over target servers. The post Critical Vulnerability Can Allow Takeover of Mastodon Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Critical Vulnerability Can Allow Takeover of Mastodon Servers Read More »

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability

Vulnerabilities /

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability 10/07/2023 at 17:17 By Ionut Arghire PoC exploit has been published for a recently patched Ubiquiti EdgeRouter vulnerability leading to arbitrary code execution. The post PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability Read More »

After Zero-Day Attacks, MOVEit Turns to Security Service Packs

CVE-2023-36932, CVE-2023-36933, CVE-2023-36934, cybercrime, Progress Software, Ransomware, Vulnerabilities, Zero-Day /

After Zero-Day Attacks, MOVEit Turns to Security Service Packs 07/07/2023 at 20:31 By Ryan Naraine Facing ransomware zero-days, Progress Software will release regular service packs to help customers mitigate critical security flaws. The post After Zero-Day Attacks, MOVEit Turns to Security Service Packs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

After Zero-Day Attacks, MOVEit Turns to Security Service Packs Read More »

In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques

email security, In Other News, Malware & Threats, Vulnerabilities /

In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques 07/07/2023 at 18:31 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 3, 2023. The post In Other News: Healthcare Product Flaws, Free Email Security

React to this headline:

Loading spinner

In Other News: Healthcare Product Flaws, Free Email Security Testing, New Attack Techniques Read More »

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs

kernel, Linux, StackRot, Vulnerabilities, vulnerability /

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs 06/07/2023 at 14:46 By Eduard Kovacs A new Linux kernel vulnerability tracked as StackRot and CVE-2023-3269 shows the exploitability of use-after-free-by-RCU (UAFBR) bugs. The post StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs Read More »

Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic

Vulnerabilities /

Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic 06/07/2023 at 13:34 By Ionut Arghire Cisco says a high-severity vulnerability in Nexus 9000 series switches could allow attackers to intercept and modify encrypted traffic. The post Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic Read More »

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks

ICS/OT, Vulnerabilities /

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks 05/07/2023 at 17:02 By Eduard Kovacs An actively exploited vulnerability in the Contec SolarView solar power monitoring product can expose hundreds of energy organizations to attacks. The post Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Exploited Solar Power Product Vulnerability Could Expose Energy Organizations to Attacks Read More »

Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities

Vulnerabilities /

Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities 05/07/2023 at 14:15 By Ionut Arghire Mozilla has released Firefox 115 to the stable channel with patches for two high-severity use-after-free vulnerabilities. The post Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities Read More »

In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools

Government, ICS/OT, In Other News, Vulnerabilities /

In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools 30/06/2023 at 17:46 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of June 26, 2023. The post In Other News: Hospital Infected via USB Drive,

React to this headline:

Loading spinner

In Other News: Hospital Infected via USB Drive, EU Cybersecurity Rules, Free Security Tools Read More »

Scroll to Top