Vulnerabilities

Chrome 128 Update Resolves High-Severity Vulnerabilities

Chrome, Vulnerabilities, vulnerability /

Chrome 128 Update Resolves High-Severity Vulnerabilities 2024-09-11 at 12:16 By Ionut Arghire Google has released a Chrome 128 security update to resolve high-severity memory safety vulnerabilities. The post Chrome 128 Update Resolves High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Chrome 128 Update Resolves High-Severity Vulnerabilities Read More »

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes

CVE-2024-38226, CVE-2024-43491, Featured, Microsoft, Patch Tuesday, Vulnerabilities, Windows Update /

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes 2024-09-10 at 23:31 By Ryan Naraine Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update. The post Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes Read More »

Adobe Patches Critical, Code Execution Flaws in Multiple Products

Acrobat and Reader, Adobe, ColdFusion, Patch Tuesday, Vulnerabilities /

Adobe Patches Critical, Code Execution Flaws in Multiple Products 2024-09-10 at 20:01 By Ryan Naraine Patch Tuesday: Adobe releases patches for 28 security vulnerabilities and warned of code execution risks on Windows and macOS platforms. The post Adobe Patches Critical, Code Execution Flaws in Multiple Products appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Adobe Patches Critical, Code Execution Flaws in Multiple Products Read More »

SAP Releases 16 New Security Notes on September 2024 Patch Day

Patch Tuesday, SAP, Vulnerabilities /

SAP Releases 16 New Security Notes on September 2024 Patch Day 2024-09-10 at 17:31 By Ionut Arghire SAP has released patches for multiple missing authorization check and information disclosure vulnerabilities on its September 2024 Security Patch Day. The post SAP Releases 16 New Security Notes on September 2024 Patch Day appeared first on SecurityWeek. This

React to this headline:

Loading spinner

SAP Releases 16 New Security Notes on September 2024 Patch Day Read More »

Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws

Android, firmware, Google, memory corruption, rust, Security Architecture, Vulnerabilities /

Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 2024-09-09 at 23:01 By Ryan Naraine Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases. The post Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws Read More »

Exploring an Experimental Windows Kernel Rootkit in Rust

Security Research, Tips & Tricks, Vulnerabilities /

Exploring an Experimental Windows Kernel Rootkit in Rust 2024-09-09 at 16:02 By memN0ps Around two years ago, memN0ps took the initiative to create one of the first publicly available rootkit proof of concepts (PoCs) in Rust as an experimental project, while learning a new programming language. It still lacks many features, which are relatively easy

React to this headline:

Loading spinner

Exploring an Experimental Windows Kernel Rootkit in Rust Read More »

Hypervisor Development in Rust for Security Researchers (Part 1)

Security Research, Threat Intelligence, Tips & Tricks, Vulnerabilities /

Hypervisor Development in Rust for Security Researchers (Part 1) 2024-09-06 at 23:31 By memN0ps In the ever-evolving field of information security, curiosity and continuous learning drive innovation.  This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Hypervisor Development in Rust for Security Researchers (Part 1) Read More »

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild

exploited, firewall, SonicWall, Vulnerabilities /

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild 2024-09-06 at 16:17 By Eduard Kovacs SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild. The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild Read More »

Apache Makes Another Attempt at Patching Exploited RCE in OFBiz

Apache OFBiz, exploited, Vulnerabilities /

Apache Makes Another Attempt at Patching Exploited RCE in OFBiz 2024-09-06 at 15:01 By Ionut Arghire The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks. The post Apache Makes Another Attempt at Patching Exploited RCE in OFBiz appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Apache Makes Another Attempt at Patching Exploited RCE in OFBiz Read More »

Veeam Patches Critical Vulnerabilities in Enterprise Products

Veeam, Vulnerabilities, vulnerability /

Veeam Patches Critical Vulnerabilities in Enterprise Products 2024-09-06 at 15:01 By Ionut Arghire Veeam has released patches for critical-severity vulnerabilities in Backup & Replication, ONE, and Service Provider Console. The post Veeam Patches Critical Vulnerabilities in Enterprise Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Veeam Patches Critical Vulnerabilities in Enterprise Products Read More »

CISA Breaks Silence on Controversial ‘Airport Security Bypass’ Vulnerability 

airline, airport, Vulnerabilities, vulnerability /

CISA Breaks Silence on Controversial ‘Airport Security Bypass’ Vulnerability  2024-09-06 at 13:31 By Eduard Kovacs Researchers and the TSA have different views on the impact of vulnerabilities in an airport security application that could allegedly allow the bypass of certain airport security systems. The post CISA Breaks Silence on Controversial ‘Airport Security Bypass’ Vulnerability  appeared

React to this headline:

Loading spinner

CISA Breaks Silence on Controversial ‘Airport Security Bypass’ Vulnerability  Read More »

LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks

Vulnerabilities, vulnerability, WordPress /

LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks 2024-09-06 at 13:31 By Ionut Arghire A vulnerability in the LiteSpeed Cache WordPress plugin leads to the exposure of sensitive information, including user cookies. The post LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks Read More »

Cisco Patches Critical Vulnerabilities in Smart Licensing Utility

Cisco, Vulnerabilities, vulnerability /

Cisco Patches Critical Vulnerabilities in Smart Licensing Utility 2024-09-05 at 16:01 By Ionut Arghire Cisco has released patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility. The post Cisco Patches Critical Vulnerabilities in Smart Licensing Utility appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Cisco Patches Critical Vulnerabilities in Smart Licensing Utility Read More »

Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation

CLFS, exploit mitigation, HMAC, Microsoft, Ransomware, Security Architecture, Vulnerabilities /

Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation 2024-09-04 at 20:46 By Ryan Naraine Microsoft is experimenting with a major new security mitigation to block attacks targeting flaws in the Windows Common Log File System (CLFS). The post Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation Read More »

Zyxel Patches Critical Vulnerabilities in Networking Devices

Vulnerabilities, Zyxel /

Zyxel Patches Critical Vulnerabilities in Networking Devices 2024-09-04 at 15:31 By Ionut Arghire Zyxel has released patches for multiple vulnerabilities in its networking devices, including a critical flaw impacting access points and security routers. The post Zyxel Patches Critical Vulnerabilities in Networking Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Zyxel Patches Critical Vulnerabilities in Networking Devices Read More »

D-Link Warns of Code Execution Flaws in Discontinued Router Model

D-Link, Vulnerabilities, vulnerability /

D-Link Warns of Code Execution Flaws in Discontinued Router Model 2024-09-04 at 13:46 By Ionut Arghire D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router model. The post D-Link Warns of Code Execution Flaws in Discontinued Router Model appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

D-Link Warns of Code Execution Flaws in Discontinued Router Model Read More »

CISA Warns of Critical ICS Vulnerabilities in Rockwell and Delta Electronics

Vulnerabilities, vulnerability /

CISA Warns of Critical ICS Vulnerabilities in Rockwell and Delta Electronics 2024-09-04 at 11:02 By Cyble Key Takeaways  Overview  On August 29, the Cybersecurity and Infrastructure Security Agency (CISA) released three advisories to warn users and administrators of several critical vulnerabilities affecting industrial control systems (ICS) from prominent vendors.  Cyble’s ICS vulnerabilities report last week

React to this headline:

Loading spinner

CISA Warns of Critical ICS Vulnerabilities in Rockwell and Delta Electronics Read More »

VMware Patches High-Severity Code Execution Flaw in Fusion

code execution, CVE-2024-38811, virtualization, VMWare, Vulnerabilities /

VMware Patches High-Severity Code Execution Flaw in Fusion 2024-09-03 at 19:16 By Ionut Arghire VMware rolls out patch for a high-severity code execution vulnerability in the Fusion hypervisor. The post VMware Patches High-Severity Code Execution Flaw in Fusion appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

VMware Patches High-Severity Code Execution Flaw in Fusion Read More »

Chrome 128 Updates Patch High-Severity Vulnerabilities

Chrome, Vulnerabilities /

Chrome 128 Updates Patch High-Severity Vulnerabilities 2024-09-03 at 11:46 By Ionut Arghire Google has released two Chrome 128 updates to address six high-severity vulnerabilities reported by external researchers. The post Chrome 128 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Chrome 128 Updates Patch High-Severity Vulnerabilities Read More »

Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day

Citrine Sleet, CVE-2024-7971, Google Chrome, Microsoft, Vulnerabilities /

Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day 2024-08-31 at 00:01 By Ryan Naraine Redmond’s threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financial gain. The post Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day Read More »

Scroll to Top