In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android 28/07/2023 at 19:17 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 24, 2023. The post In Other News: Data Breach Cost Rises, Russia […]
React to this headline:
US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications 28/07/2023 at 19:17 By Ionut Arghire US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications. The post US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications appeared first on SecurityWeek. This article is an excerpt from
React to this headline:
US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications Read More »
Zimbra Patches Exploited Zero-Day Vulnerability 28/07/2023 at 15:47 By Ionut Arghire Zimbra has released patches for a cross-site scripting (XSS) vulnerability that has been exploited in malicious attacks. The post Zimbra Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:
React to this headline:
Zimbra Patches Exploited Zero-Day Vulnerability Read More »
Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads 27/07/2023 at 17:20 By Kevin Townsend Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’). The post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
React to this headline:
Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads Read More »
Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation 27/07/2023 at 04:18 By Ryan Naraine Researchers say a whopping 62 percent of AWS environments may be exposed to the newly documented AMD ‘Zenbleed’ information leak flaw. The post Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation appeared first on SecurityWeek. This article
React to this headline:
Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation Read More »
Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks 26/07/2023 at 17:34 By Ionut Arghire Fortinet has published details on a series of critical- and high-severity vulnerabilities in the Microsoft Message Queuing service. The post Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks Read More »
TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems 25/07/2023 at 19:32 By Kevin Townsend TETRA:BURST – vulnerabilities in widely used radio standard could threaten military and law enforcement communications, as well as ICS. The post TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems appeared first on SecurityWeek. This article is an
React to this headline:
TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems Read More »
AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information 25/07/2023 at 15:48 By Eduard Kovacs AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information. The post AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information appeared first on SecurityWeek. This article is
React to this headline:
AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information Read More »
Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government 25/07/2023 at 13:04 By Eduard Kovacs An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government. The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government Read More »
Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks 25/07/2023 at 03:03 By Ryan Naraine Apple patches another zero-day flaw used in the ‘Operation Triangulation’ exploit chain. iOS and macOS-powered devices are affected. The post Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks Read More »
Over 20,000 Citrix Appliances Vulnerable to New Exploit 24/07/2023 at 17:02 By Ionut Arghire Over 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519. The post Over 20,000 Citrix Appliances Vulnerable to New Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
React to this headline:
Over 20,000 Citrix Appliances Vulnerable to New Exploit Read More »
Perimeter81 Vulnerability Disclosed After Botched Disclosure Process 24/07/2023 at 14:30 By Eduard Kovacs Cybersecurity firm Perimeter81 appears to have botched the responsible disclosure process for a privilege escalation vulnerability found in its macOS application. The post Perimeter81 Vulnerability Disclosed After Botched Disclosure Process appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
React to this headline:
Perimeter81 Vulnerability Disclosed After Botched Disclosure Process Read More »
Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo 24/07/2023 at 14:30 By Ionut Arghire Atlassian patches high-severity remote code execution vulnerabilities in Confluence and Bamboo products. The post Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React
React to this headline:
Atlassian Patches Remote Code Execution Vulnerabilities in Confluence, Bamboo Read More »
OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers 21/07/2023 at 16:03 By Ionut Arghire Three vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely. The post OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers appeared first on SecurityWeek.
React to this headline:
OpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on Servers Read More »
Citrix Zero-Day Exploited Against Critical Infrastructure Organization 21/07/2023 at 13:33 By Eduard Kovacs CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization. The post Citrix Zero-Day Exploited Against Critical Infrastructure Organization appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View
React to this headline:
Citrix Zero-Day Exploited Against Critical Infrastructure Organization Read More »
New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices 20/07/2023 at 21:18 By Eduard Kovacs Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause physical damage. The post New AMI BMC Flaws Allowing Takeover and
React to this headline:
New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices Read More »
Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities 20/07/2023 at 12:20 By Eduard Kovacs Adobe releases a second round of patches for recent ColdFusion vulnerabilities, including flaws that have been exploited in attacks. The post Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
React to this headline:
Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities Read More »
Chrome 115 Patches 20 Vulnerabilities 19/07/2023 at 13:32 By Ionut Arghire Chrome 115 released with patches for 20 vulnerabilities, including 11 reported by external researchers, who earned thousands of dollars in bug bounties. The post Chrome 115 Patches 20 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original
React to this headline:
Chrome 115 Patches 20 Vulnerabilities Read More »
Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned 19/07/2023 at 13:32 By Eduard Kovacs Citrix has patched several vulnerabilities, including CVE-2023-3519, a critical remote code execution zero-day that has been exploited in attacks. The post Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned appeared first on SecurityWeek. This article is an
React to this headline:
Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned Read More »
Oracle Releases 508 New Security Patches With July 2023 CPU 19/07/2023 at 13:32 By Ionut Arghire Oracle has released 508 new security patches as part of the July 2023 CPU, including more than 70 that address critical vulnerabilities The post Oracle Releases 508 New Security Patches With July 2023 CPU appeared first on SecurityWeek. This
React to this headline:
Oracle Releases 508 New Security Patches With July 2023 CPU Read More »