Vulnerabilities

Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks

Featured, Fortinet, Vulnerabilities, Zero-Day /

Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks 13/06/2023 at 11:50 By Eduard Kovacs Fortinet has warned customers that the critical CVE-2023-27997 vulnerability that was patched recently could be a zero-day exploited in limited attacks. The post Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks appeared first on SecurityWeek. This article […]

React to this headline:

Loading spinner

Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks Read More »

Software Supply Chain: The Golden Container Ship

SBOM, Supply Chain Security, Vulnerabilities /

Software Supply Chain: The Golden Container Ship 12/06/2023 at 15:18 By Matt Honea By having a golden image you will put a process in place that allows you to quickly take action when a vulnerability is found within your organization. The post Software Supply Chain: The Golden Container Ship appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Software Supply Chain: The Golden Container Ship Read More »

New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward

Featured, MOVEit, Ransomware, Vulnerabilities /

New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward 12/06/2023 at 13:34 By Eduard Kovacs Researchers discover new MOVEit vulnerabilities related to the zero-day, just as more organizations hit by the attack are coming forward. The post New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward appeared first on SecurityWeek. This

React to this headline:

Loading spinner

New MOVEit Vulnerabilities Found as More Zero-Day Attack Victims Come Forward Read More »

Fortinet Patches Critical FortiGate SSL VPN Vulnerability

Vulnerabilities /

Fortinet Patches Critical FortiGate SSL VPN Vulnerability 12/06/2023 at 12:40 By Eduard Kovacs Fortinet has patched CVE-2023-27997, a critical FortiGate SSL VPN vulnerability that can be exploited for unauthenticated remote code execution. The post Fortinet Patches Critical FortiGate SSL VPN Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Fortinet Patches Critical FortiGate SSL VPN Vulnerability Read More »

Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021

Ransomware, Vulnerabilities /

Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021 09/06/2023 at 15:46 By Eduard Kovacs Evidence suggests that the Cl0p ransomware group has known about and conducted tests with the recently patched MOVEit zero-day since mid-2021. The post Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021 appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021 Read More »

Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data

data breach, Data Breaches, Honda, Vulnerabilities, vulnerability /

Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data 08/06/2023 at 18:48 By Eduard Kovacs Vulnerabilities found by a researcher in a Honda ecommerce platform used for equipment sales exposed customer and dealer information. The post Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data Read More »

Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions

Vulnerabilities /

Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions 08/06/2023 at 14:17 By Ionut Arghire Cisco releases fixes for a critical-severity vulnerability in Expressway series and TelePresence Video Communication Server (VCS). The post Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions Read More »

VMware Plugs Critical Flaws in Network Monitoring Product

Application Security, CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, VMWare, Vulnerabilities /

VMware Plugs Critical Flaws in Network Monitoring Product 07/06/2023 at 19:02 By Ryan Naraine VMware ships urgent patches to cover security defects that expose businesses to remote code execution attacks. The post VMware Plugs Critical Flaws in Network Monitoring Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

VMware Plugs Critical Flaws in Network Monitoring Product Read More »

KeePass Update Patches Vulnerability Exposing Master Password

KeePass, password, Vulnerabilities /

KeePass Update Patches Vulnerability Exposing Master Password 06/06/2023 at 17:17 By Ionut Arghire KeePass 2.54 patches a vulnerability allowing attackers to retrieve the cleartext master password from a memory dump. The post KeePass Update Patches Vulnerability Exposing Master Password appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

KeePass Update Patches Vulnerability Exposing Master Password Read More »

Google Patches Third Chrome Zero-Day of 2023

Chrome, Featured, Vulnerabilities, Zero-Day /

Google Patches Third Chrome Zero-Day of 2023 06/06/2023 at 12:03 By Eduard Kovacs Google has released a Chrome 114 security update that patches CVE-2023-3079, the third zero-day vulnerability patched in the browser in 2023. The post Google Patches Third Chrome Zero-Day of 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Google Patches Third Chrome Zero-Day of 2023 Read More »

Zyxel Urges Customers to Patch Firewalls Against Exploited Vulnerabilities

firewall, Network Security, Vulnerabilities, Zyxel /

Zyxel Urges Customers to Patch Firewalls Against Exploited Vulnerabilities 05/06/2023 at 16:47 By Ionut Arghire Zyxel urges customers to update ATP, USG Flex, VPN, and ZyWALL/USG firewalls to prevent exploitation of recent vulnerabilities. The post Zyxel Urges Customers to Patch Firewalls Against Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Zyxel Urges Customers to Patch Firewalls Against Exploited Vulnerabilities Read More »

SBOMs – Software Supply Chain Security’s Future or Fantasy?

Featured, Government, Government Policy, open source, SBOM, software, Supply Chain Security, Vulnerabilities /

SBOMs – Software Supply Chain Security’s Future or Fantasy? 05/06/2023 at 14:39 By Kevin Townsend If after eighteen months, meaningful use of SBOMs is unachievable, we need to ask what needs to be done to fulfill Biden’s executive order. The post SBOMs – Software Supply Chain Security’s Future or Fantasy? appeared first on SecurityWeek. This

React to this headline:

Loading spinner

SBOMs – Software Supply Chain Security’s Future or Fantasy? Read More »

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards

Endpoint Security, Vulnerabilities /

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards 05/06/2023 at 14:39 By Ionut Arghire Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards. The post Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards Read More »

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack 

Malware & Threats, news roundup, Tracking & Law Enforcement, Vulnerabilities /

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack  03/06/2023 at 14:33 By Eduard Kovacs Cybersecurity news that you may have missed this week: the spyware used by various governments, new vulnerabilities, industrial security products, and Linux router attacks. The post In Other News: Government Use of Spyware, New Industrial

React to this headline:

Loading spinner

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack  Read More »

High-Severity Vulnerabilities Patched in Splunk Enterprise

Vulnerabilities, vulnerability /

High-Severity Vulnerabilities Patched in Splunk Enterprise 02/06/2023 at 16:54 By Ionut Arghire Splunk has resolved multiple high-severity vulnerabilities in Splunk Enterprise, including bugs in third-party packages used by the product. The post High-Severity Vulnerabilities Patched in Splunk Enterprise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

High-Severity Vulnerabilities Patched in Splunk Enterprise Read More »

Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations

Featured, MOVEit, Vulnerabilities, Zero-Day /

Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations 02/06/2023 at 12:41 By Eduard Kovacs A zero-day vulnerability in Progress Software’s MOVEit Transfer product has been exploited to hack organizations and steal their data. The post Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations appeared first on SecurityWeek.

React to this headline:

Loading spinner

Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations Read More »

Google Temporarily Offering $180,000 for Full Chain Chrome Exploit

Vulnerabilities /

Google Temporarily Offering $180,000 for Full Chain Chrome Exploit 02/06/2023 at 07:42 By Ionut Arghire Google is offering a bug bounty reward of up to $180,000 for a full chain exploit leading to a sandbox escape in the Chrome browser. The post Google Temporarily Offering $180,000 for Full Chain Chrome Exploit appeared first on SecurityWeek.

React to this headline:

Loading spinner

Google Temporarily Offering $180,000 for Full Chain Chrome Exploit Read More »

Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks

ICS, ICS/OT, Vulnerabilities /

Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks 01/06/2023 at 15:19 By Eduard Kovacs Critical authentication bypass and high-severity command injection vulnerabilities have been patched in Moxa’s MXsecurity product. The post Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks Read More »

Adobe Inviting Researchers to Private Bug Bounty Program

Vulnerabilities /

Adobe Inviting Researchers to Private Bug Bounty Program 01/06/2023 at 13:47 By Ionut Arghire Adobe is inviting security researchers to join its private bug bounty program on the HackerOne platform. The post Adobe Inviting Researchers to Private Bug Bounty Program appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Adobe Inviting Researchers to Private Bug Bounty Program Read More »

Critical Vulnerabilities Found in Faronics Education Software

Vulnerabilities, vulnerability /

Critical Vulnerabilities Found in Faronics Education Software 01/06/2023 at 12:35 By Ionut Arghire Faronics patches critical-severity remote code execution (RCE) vulnerabilities in the Insight education software. The post Critical Vulnerabilities Found in Faronics Education Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerabilities Found in Faronics Education Software Read More »

Scroll to Top