Vulnerabilities

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR

Palo Alto Networks, Vulnerabilities, vulnerability /

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR 2024-08-15 at 15:04 By Eduard Kovacs Palo Alto Networks has patched multiple vulnerabilities, including ones rated high severity, in several products. The post Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR appeared first on SecurityWeek. This article is an excerpt from […]

Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR Read More »

Fortinet, Zoom Patch Multiple Vulnerabilities

Fortinet, Vulnerabilities, vulnerability, Zoom /

Fortinet, Zoom Patch Multiple Vulnerabilities 2024-08-14 at 15:46 By Eduard Kovacs Fortinet and Zoom have released patches for multiple vulnerabilities in their products, including high-severity bugs. The post Fortinet, Zoom Patch Multiple Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Fortinet, Zoom Patch Multiple Vulnerabilities Read More »

Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager

Ivanti, Vulnerabilities, vulnerability /

Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager 2024-08-14 at 14:02 By Ionut Arghire Ivanti has released patches for multiple vulnerabilities in Neurons for ITSM, Avalanche, and Virtual Traffic Manager, including critical bugs. The post Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager appeared first on SecurityWeek. This article

Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager Read More »

Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities

Amd, Chipmaker Patch Tuesday, Intel, Vulnerabilities /

Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities 2024-08-14 at 14:02 By Eduard Kovacs Intel and AMD have each informed customers about dozens of vulnerabilities found and patched in their products.  The post Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities Read More »

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

exploit, Featured, Microsoft, Patch Tuesday, Vulnerabilities, Windows, Zero-Day /

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited 2024-08-13 at 23:01 By Ryan Naraine Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category. The post Microsoft Warns of Six Windows Zero-Days Being Actively Exploited appeared first on SecurityWeek.

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited Read More »

Adobe Calls Attention to Massive Batch of Code Execution Flaws

Acrobat and Reader, Adobe, magento, Patch Tuesday, Photoshop, Vulnerabilities /

Adobe Calls Attention to Massive Batch of Code Execution Flaws 2024-08-13 at 20:46 By Ryan Naraine Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks. The post Adobe Calls Attention to Massive Batch of Code Execution Flaws appeared first

Adobe Calls Attention to Massive Batch of Code Execution Flaws Read More »

SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps

SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps 2024-08-13 at 18:46 By Ionut Arghire SAP has released 25 security notes on August 2024 Security Patch Day, including for critical vulnerabilities in BusinessObjects and Build Apps. The post SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps appeared first on SecurityWeek. This article is an excerpt from

SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps Read More »

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

Endpoint Security, Microsoft, OpenVPN, remote code execution, VPN, Vulnerabilities /

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains 2024-08-12 at 19:01 By Ryan Naraine The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks. The post Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains Read More »

Several Vulnerabilities Found in Google’s Quick Share Data Transfer Utility

Vulnerabilities, vulnerability /

Several Vulnerabilities Found in Google’s Quick Share Data Transfer Utility 2024-08-12 at 19:01 By Ionut Arghire SafeBreach identified 10 vulnerabilities in Google Quick Share and devised a remote code execution chain targeting the file sharing utility for Windows. The post Several Vulnerabilities Found in Google’s Quick Share Data Transfer Utility appeared first on SecurityWeek. This

Several Vulnerabilities Found in Google’s Quick Share Data Transfer Utility Read More »

Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities

CISA, Cisco, exploited, Vulnerabilities /

Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities 2024-08-09 at 15:01 By Eduard Kovacs CISA is warning organizations about abuse of Cisco Smart Install feature, as Cisco is notifying customers about critical phone vulnerabilities it’s not patching. The post Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities appeared first on SecurityWeek. This article is an

Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities Read More »

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug

CrowdStrike, exploit, Featured, Incident Response, Qihoo 360, Vulnerabilities /

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug 2024-08-08 at 20:46 By Ryan Naraine CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution. The post CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug appeared first on SecurityWeek. This article is an excerpt from

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug Read More »

Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption

ICS, ICS/OT, IoT Security, power, Vulnerabilities, vulnerability /

Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption 2024-08-08 at 16:16 By Eduard Kovacs Vulnerabilities found in solar power systems could have been exploited by hackers to cause disruption and possibly blackouts. The post Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption appeared first on SecurityWeek. This article is an excerpt

Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption Read More »

GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU

CPU, CPU vulnerability, Endpoint Security, GhostWrite, RISC-V, Vulnerabilities /

GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU 2024-08-07 at 22:16 By Eduard Kovacs Researchers disclose the details of GhostWrite, a RISC-V CPU vulnerability that can be exploited to gain full access to targeted devices. The post GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU appeared first on SecurityWeek. This article is an

GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU Read More »

Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks

Black Hat, BlackLotus, Featured, Malware & Threats, SafeBreach, software downgrade, Vulnerabilities, Windows Update /

Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks 2024-08-07 at 18:16 By Ryan Naraine Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days. The post Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks Read More »

Chrome, Firefox Updates Patch Serious Vulnerabilities 

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome, Firefox Updates Patch Serious Vulnerabilities  2024-08-07 at 11:31 By Eduard Kovacs A Chrome 127 update patches five vulnerabilities, and Firefox 129 addresses over a dozen security holes. The post Chrome, Firefox Updates Patch Serious Vulnerabilities  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Chrome, Firefox Updates Patch Serious Vulnerabilities  Read More »

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash

BSOD, CrowdStrike, disaster recovery, Falcon, Featured, Incident Response, Microsoft, Vulnerabilities, Windows /

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash 2024-08-06 at 21:16 By Ryan Naraine CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a “confluence” of vulnerabilities and testing gaps. The post CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash appeared first on SecurityWeek. This article is

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash Read More »

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year

bug bounty program, Microsoft, Vulnerabilities /

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year 2024-08-06 at 13:16 By Eduard Kovacs Microsoft paid out $16.6 million to over 340 security researchers through its bug bounty programs over the past year. The post Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year appeared first on SecurityWeek. This article

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year Read More »

Google Patches Android Zero-Day Exploited in Targeted Attacks

Android, exploited, Featured, Vulnerabilities, vulnerability, Zero-Day /

Google Patches Android Zero-Day Exploited in Targeted Attacks 2024-08-06 at 11:01 By Eduard Kovacs Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks.  The post Google Patches Android Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Google Patches Android Zero-Day Exploited in Targeted Attacks Read More »

New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous

Featured, kernel, Linux, SLUBStick, Vulnerabilities /

New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous 2024-08-05 at 16:47 By Eduard Kovacs A new Linux kernel exploitation technique named SLUBStick makes heap vulnerabilities more dangerous.  The post New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

New SLUBStick Attack Makes Linux Kernel Vulnerabilities More Dangerous Read More »

Apache OFBiz Users Warned of New and Exploited Vulnerabilities

Apache, OFBiz, Vulnerabilities, vulnerability /

Apache OFBiz Users Warned of New and Exploited Vulnerabilities 2024-08-05 at 15:01 By Eduard Kovacs Organizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed. The post Apache OFBiz Users Warned of New and Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

Apache OFBiz Users Warned of New and Exploited Vulnerabilities Read More »

Scroll to Top