Vulnerabilities

In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity

2024-07-05 at 15:02, by SecurityWeek News. Noteworthy stories that might have slipped under the radar: Microsoft details Rockwell HMI vulnerabilities, smart grills hacked, Predator spyware activity drops.

regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely

2024-07-03 at 13:31, by Eduard Kovacs. The critical OpenSSH vulnerability tracked as regreSSHion and CVE-2024-6387 may already be targeted by attackers, but mass exploitation is unlikely. The post regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely appeared first on SecurityWeek.

Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug

2024-07-02 at 18:16, by Ionut Arghire. Google ships an Android security update with fixes for 15 vulnerabilities, including a critical-severity flaw in Framework.

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks 

2024-07-02 at 16:31, by Ionut Arghire. EVA Information Security has shared details on three CocoaPods vulnerabilities impacting millions of macOS and iOS applications.

Splunk Patches High-Severity Vulnerabilities in Enterprise Product

2024-07-02 at 16:31, by Ionut Arghire. Splunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs.

Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program

2024-07-01 at 17:01, by Eduard Kovacs. Google has announced a new KVM bug bounty program named kvmCTF with rewards of up to $250,000 for a full VM escape.

Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack

2024-07-01 at 15:31, by Eduard Kovacs. Millions of OpenSSH servers could be vulnerable to unauthenticated remote code execution due to a vulnerability tracked as regreSSHion and CVE-2024-6387.

Juniper Networks Warns of Critical Authentication Bypass Vulnerability

2024-07-01 at 14:31, by Ionut Arghire. Juniper Networks warns of a critical authentication bypass flaw impacting Session Smart routers and conductors.

Fortra Patches Critical SQL Injection in FileCatalyst Workflow

2024-06-28 at 14:16, by Ionut Arghire. Fortra has patched a critical-severity vulnerability in FileCatalyst Workflow leading to the creation of administrator accounts.

GitLab Security Updates Patch 14 Vulnerabilities

2024-06-27 at 17:01, by Ionut Arghire. GitLab CE and EE updates resolve 14 vulnerabilities, including a critical- and three high-severity bugs.

CISA Warns of Exploited GeoServer, Linux Kernel, and Roundcube Vulnerabilities

2024-06-27 at 15:31, by Ionut Arghire. CISA on Wednesday warned that three older flaws in GeoServer, Linux kernel, and Roundcube webmail are exploited in the wild.

Exploitation Attempts Target New MOVEit Transfer Vulnerability

2024-06-26 at 13:01, by Eduard Kovacs. Exploitation attempts targeting CVE-2024-5806, a critical MOVEit Transfer vulnerability patched recently, have started.

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher

2024-06-25 at 15:01, by Kevin Townsend. Researcher shows how hackers could use social engineering to deliver ransomware and other malware to Meta’s Quest 3 VR headset.

New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity

2024-06-24 at 19:31, by Eduard Kovacs. New attack named SnailLoad allows a remote attacker to infer websites and videos viewed by a user without direct access to network traffic.

EFF Issues New Warning After Discovery of Automated License Plate Reader Vulnerabilities

2024-06-24 at 18:31, by Eduard Kovacs. The EFF has issued a warning over the use of automated license plate readers following the discovery of serious vulnerabilities.

Recent SolarWinds Serv-U Vulnerability Exploited in the Wild

2024-06-21 at 16:32, by Ionut Arghire. Threat actors are exploiting a recent path traversal vulnerability in SolarWinds Serv-U using public PoC code.

In Other News: Microsoft Email Spoofing, Snowflake Hack Ransoms, LogoFail Follow-Up

2024-06-21 at 16:32, by SecurityWeek News. Noteworthy stories that might have slipped under the radar: Microsoft email spoofing vulnerability, Snowflake hack victims get ransom demands, LogoFail still around.

Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira

2024-06-20 at 14:01, by Ionut Arghire. Atlassian has released Confluence, Crucible, and Jira updates to address multiple high-severity vulnerabilities.

Chrome 126 Update Patches Vulnerability Exploited at Hacking Competition

2024-06-19 at 14:31, by Ionut Arghire. Google has released a Chrome 126 security update with six fixes, including four for externally reported high-severity flaws.
