Vulnerabilities

Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking

Data leak, Vulnerabilities /

Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking 04/08/2023 at 15:17 By Ionut Arghire Multiple vulnerabilities in the airline and hotel rewards platform points.com could have led to personal information theft and unauthorized administrative access. The post Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking appeared first on SecurityWeek. This article is an […]

React to this headline:

Loading spinner

Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking Read More »

Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed

Ivanti, Vulnerabilities, vulnerability /

Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed 04/08/2023 at 13:31 By Eduard Kovacs Exploitation of the Ivanti EPMM flaw CVE-2023-35078 is picking up as a new critical vulnerability tracked as CVE-2023-35082 is disclosed. The post Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed appeared first on

React to this headline:

Loading spinner

Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed Read More »

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities

Featured, Government, Vulnerabilities, vulnerability /

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities 04/08/2023 at 12:31 By Ionut Arghire Five Eyes government agencies have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022. The post Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities Read More »

These Are the Top Five Cloud Security Risks, Qualys Says

Cloud, cloud security, Risk Management, Vulnerabilities /

These Are the Top Five Cloud Security Risks, Qualys Says 03/08/2023 at 17:47 By Kevin Townsend Cloud security specialist Qualys has provided its view of the top five cloud security risks, drawing insights and data from its own platform and third parties. The post These Are the Top Five Cloud Security Risks, Qualys Says appeared

React to this headline:

Loading spinner

These Are the Top Five Cloud Security Risks, Qualys Says Read More »

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router

ICS/OT, Industrial, router, Vulnerabilities /

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router 03/08/2023 at 17:47 By Ionut Arghire Cisco Talos researchers warn of dozens of critical- and high-severity vulnerabilities in the Milesight UR32L industrial router leading to code execution. The post Dozens of RCE Vulnerabilities Impact Milesight Industrial Router appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Dozens of RCE Vulnerabilities Impact Milesight Industrial Router Read More »

Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update

Chrome, Vulnerabilities /

Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update 03/08/2023 at 12:47 By Ionut Arghire Google has paid out over $60,000 for three high-severity type confusion vulnerabilities in Chrome’s V8 engine. The post Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Google Awards Over $60,000 for V8 Vulnerabilities Patched With Chrome 115 Update Read More »

Firefox 116 Patches High-Severity Vulnerabilities

Vulnerabilities /

Firefox 116 Patches High-Severity Vulnerabilities 02/08/2023 at 15:42 By Ionut Arghire Firefox 116 was released with patches for 14 CVEs, including nine high-severity vulnerabilities, some of which can lead to remote code execution or sandbox escapes. The post Firefox 116 Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Firefox 116 Patches High-Severity Vulnerabilities Read More »

Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter

Hacker Conversations, Vulnerabilities /

Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter 01/08/2023 at 15:49 By Kevin Townsend SecurityWeek speaks to Youssef Sammouda about using cybersecurity research and bug bounties as a way of life and source of income. The post Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter Read More »

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks

Featured, Ivanti, Malware & Threats, Vulnerabilities, Zero-Day /

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks 31/07/2023 at 13:31 By Eduard Kovacs Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks. The post Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks Read More »

In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android 

Data Breaches, In Other News, Mobile & Wireless, Vulnerabilities /

In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android  28/07/2023 at 19:17 By SecurityWeek News Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 24, 2023. The post In Other News: Data Breach Cost Rises, Russia

React to this headline:

Loading spinner

In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android  Read More »

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications

Government, guidance, Vulnerabilities, web security /

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications 28/07/2023 at 19:17 By Ionut Arghire US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications. The post US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications Read More »

Zimbra Patches Exploited Zero-Day Vulnerability

Vulnerabilities, Zero-Day, Zimbra /

Zimbra Patches Exploited Zero-Day Vulnerability 28/07/2023 at 15:47 By Ionut Arghire Zimbra has released patches for a cross-site scripting (XSS) vulnerability that has been exploited in malicious attacks. The post Zimbra Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Zimbra Patches Exploited Zero-Day Vulnerability Read More »

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads

cloud security, Featured, Ubuntu, Vulnerabilities, vulnerability /

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads 27/07/2023 at 17:20 By Kevin Townsend Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’). The post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads Read More »

Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation

Amd, cloud security, CVE-2023-20593, Project Zero, Tavis Ormandy, Vulnerabilities, zenbleed /

Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation 27/07/2023 at 04:18 By Ryan Naraine Researchers say a whopping 62 percent of AWS environments may be exposed to the newly documented AMD ‘Zenbleed’ information leak flaw. The post Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation Read More »

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks

Microsoft, MSMQ, Vulnerabilities /

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks 26/07/2023 at 17:34 By Ionut Arghire Fortinet has published details on a series of critical- and high-severity vulnerabilities in the Microsoft Message Queuing service. The post Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks Read More »

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems

ICS, ICS/OT, Vulnerabilities, vulnerability /

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems 25/07/2023 at 19:32 By Kevin Townsend TETRA:BURST – vulnerabilities in widely used radio standard could threaten military and law enforcement communications, as well as ICS. The post TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems Read More »

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information

Endpoint Security, Vulnerabilities /

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information 25/07/2023 at 15:48 By Eduard Kovacs AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information. The post AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information Read More »

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government

cybercrime, exploited, Featured, Ivanti, Vulnerabilities, Zero-Day /

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government 25/07/2023 at 13:04 By Eduard Kovacs An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government. The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government Read More »

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks

apple, Government, iOS, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks 25/07/2023 at 03:03 By Ryan Naraine Apple patches another zero-day flaw used in the ‘Operation Triangulation’ exploit chain. iOS and macOS-powered devices are affected. The post Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Apple Patches Another Kernel Flaw Exploited in ‘Operation Triangulation’ Attacks Read More »

Over 20,000 Citrix Appliances Vulnerable to New Exploit

Citrix, exploit, Vulnerabilities /

Over 20,000 Citrix Appliances Vulnerable to New Exploit 24/07/2023 at 17:02 By Ionut Arghire Over 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519. The post Over 20,000 Citrix Appliances Vulnerable to New Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Over 20,000 Citrix Appliances Vulnerable to New Exploit Read More »

Scroll to Top