Vulnerabilities

SBOMs – Software Supply Chain Security’s Future or Fantasy?

Featured, Government, Government Policy, open source, SBOM, software, Supply Chain Security, Vulnerabilities /

SBOMs – Software Supply Chain Security’s Future or Fantasy? 05/06/2023 at 14:39 By Kevin Townsend If after eighteen months, meaningful use of SBOMs is unachievable, we need to ask what needs to be done to fulfill Biden’s executive order. The post SBOMs – Software Supply Chain Security’s Future or Fantasy? appeared first on SecurityWeek. This […]

React to this headline:

Loading spinner

SBOMs – Software Supply Chain Security’s Future or Fantasy? Read More »

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards

Endpoint Security, Vulnerabilities /

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards 05/06/2023 at 14:39 By Ionut Arghire Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards. The post Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards Read More »

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack 

Malware & Threats, news roundup, Tracking & Law Enforcement, Vulnerabilities /

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack  03/06/2023 at 14:33 By Eduard Kovacs Cybersecurity news that you may have missed this week: the spyware used by various governments, new vulnerabilities, industrial security products, and Linux router attacks. The post In Other News: Government Use of Spyware, New Industrial

React to this headline:

Loading spinner

In Other News: Government Use of Spyware, New Industrial Security Tools, Japan Router Hack  Read More »

High-Severity Vulnerabilities Patched in Splunk Enterprise

Vulnerabilities, vulnerability /

High-Severity Vulnerabilities Patched in Splunk Enterprise 02/06/2023 at 16:54 By Ionut Arghire Splunk has resolved multiple high-severity vulnerabilities in Splunk Enterprise, including bugs in third-party packages used by the product. The post High-Severity Vulnerabilities Patched in Splunk Enterprise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

High-Severity Vulnerabilities Patched in Splunk Enterprise Read More »

Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations

Featured, MOVEit, Vulnerabilities, Zero-Day /

Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations 02/06/2023 at 12:41 By Eduard Kovacs A zero-day vulnerability in Progress Software’s MOVEit Transfer product has been exploited to hack organizations and steal their data. The post Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations appeared first on SecurityWeek.

React to this headline:

Loading spinner

Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations Read More »

Google Temporarily Offering $180,000 for Full Chain Chrome Exploit

Vulnerabilities /

Google Temporarily Offering $180,000 for Full Chain Chrome Exploit 02/06/2023 at 07:42 By Ionut Arghire Google is offering a bug bounty reward of up to $180,000 for a full chain exploit leading to a sandbox escape in the Chrome browser. The post Google Temporarily Offering $180,000 for Full Chain Chrome Exploit appeared first on SecurityWeek.

React to this headline:

Loading spinner

Google Temporarily Offering $180,000 for Full Chain Chrome Exploit Read More »

Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks

ICS, ICS/OT, Vulnerabilities /

Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks 01/06/2023 at 15:19 By Eduard Kovacs Critical authentication bypass and high-severity command injection vulnerabilities have been patched in Moxa’s MXsecurity product. The post Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks Read More »

Adobe Inviting Researchers to Private Bug Bounty Program

Vulnerabilities /

Adobe Inviting Researchers to Private Bug Bounty Program 01/06/2023 at 13:47 By Ionut Arghire Adobe is inviting security researchers to join its private bug bounty program on the HackerOne platform. The post Adobe Inviting Researchers to Private Bug Bounty Program appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Adobe Inviting Researchers to Private Bug Bounty Program Read More »

Critical Vulnerabilities Found in Faronics Education Software

Vulnerabilities, vulnerability /

Critical Vulnerabilities Found in Faronics Education Software 01/06/2023 at 12:35 By Ionut Arghire Faronics patches critical-severity remote code execution (RCE) vulnerabilities in the Insight education software. The post Critical Vulnerabilities Found in Faronics Education Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerabilities Found in Faronics Education Software Read More »

SharpPanda APT Campaign Expands its Arsenal Targeting G20 Nations

APT, Argentina, Australia, backdoor, Brazil, Canada, China, CVE-2017-11882, CVE-2018-0798, CVE-2018-0802, cyberattack, cybercrime, data breach, Data leak, DLL Downloader, Equation Editor, France, G20, G7, Germany, Hiroshima, India, Indonesia, Initial access, Italy, Japan, Malware, Microsoft Office, RTF, Saudi Arabia, SharpPanda, South Africa, South Korea, Threat Intelligence, Turkey, United Kingdom, United States, Vulnerabilities /

SharpPanda APT Campaign Expands its Arsenal Targeting G20 Nations 01/06/2023 at 08:36 By cybleinc Cyble analyzes SharpPanda, a highly sophisticated APT group utilizing spear-phishing tactics to launch cyberattacks on G20 Nation officials. The post SharpPanda APT Campaign Expands its Arsenal Targeting G20 Nations appeared first on Cyble. This article is an excerpt from Cyble View

React to this headline:

Loading spinner

SharpPanda APT Campaign Expands its Arsenal Targeting G20 Nations Read More »

Chrome 114 Released With 18 Security Fixes

Vulnerabilities /

Chrome 114 Released With 18 Security Fixes 31/05/2023 at 18:34 By Ionut Arghire Chrome 114 stable brings 18 security fixes, including 13 for vulnerabilities reported by external researchers. The post Chrome 114 Released With 18 Security Fixes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Chrome 114 Released With 18 Security Fixes Read More »

Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery

Barracuda, Featured, Vulnerabilities, Zero-Day /

Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery 31/05/2023 at 12:49 By Eduard Kovacs The recently discovered Barracuda zero-day vulnerability CVE-2023-2868 has been exploited to deliver malware and steal data since at least October 2022. The post Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery Read More »

Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability

Vulnerabilities /

Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability 31/05/2023 at 12:49 By Ionut Arghire A decade-old critical vulnerability in Jetpack was force-patched on five million WordPress sites over the past few days. The post Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability Read More »

Many Vulnerabilities Found in PrinterLogic Enterprise Software

Vulnerabilities, vulnerability /

Many Vulnerabilities Found in PrinterLogic Enterprise Software 30/05/2023 at 17:06 By Ionut Arghire Multiple vulnerabilities in PrinterLogic’s enterprise management printer solution could expose organizations to various types of attacks. The post Many Vulnerabilities Found in PrinterLogic Enterprise Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Many Vulnerabilities Found in PrinterLogic Enterprise Software Read More »

Zyxel Firewalls Hacked by Mirai Botnet

cybercrime, Vulnerabilities /

Zyxel Firewalls Hacked by Mirai Botnet 26/05/2023 at 14:10 By Eduard Kovacs A Mirai botnet has been exploiting a recently patched vulnerability tracked as CVE-2023-28771 to hack many Zyxel firewalls. The post Zyxel Firewalls Hacked by Mirai Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Zyxel Firewalls Hacked by Mirai Botnet Read More »

GitLab Security Update Patches Critical Vulnerability

GitLab, Vulnerabilities, vulnerability /

GitLab Security Update Patches Critical Vulnerability 25/05/2023 at 14:05 By Ionut Arghire GitLab CE/EE version 16.0.1 patches a critical arbitrary file read vulnerability tracked as CVE-2023-2825. The post GitLab Security Update Patches Critical Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

GitLab Security Update Patches Critical Vulnerability Read More »

Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances

Barracuda, exploited, Vulnerabilities, Zero-Day /

Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances 25/05/2023 at 14:05 By Eduard Kovacs Barracuda Networks is warning customers about CVE-2023-2868, a zero-day exploited to hack some Email Security Gateway (ESG) appliances. The post Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Zero-Day Vulnerability Exploited to Hack Barracuda Email Security Gateway Appliances Read More »

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own

mikrotik, Network Security, Vulnerabilities /

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own 23/05/2023 at 21:33 By Ryan Naraine MikroTik patches a major security defect in its RouterOS product a full five months after it was exploited at Pwn2Own Toronto. The post Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Mikrotik Belatedly Patches RouterOS Flaw Exploited at Pwn2Own Read More »

Samsung Smartphone Users Warned of Actively Exploited Vulnerability

Featured, Mobile & Wireless, Samsung, Vulnerabilities /

Samsung Smartphone Users Warned of Actively Exploited Vulnerability 22/05/2023 at 12:50 By Eduard Kovacs Samsung smartphone users warned about CVE-2023-21492, an ASLR bypass vulnerability exploited in the wild, likely by a spyware vendor. The post Samsung Smartphone Users Warned of Actively Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Samsung Smartphone Users Warned of Actively Exploited Vulnerability Read More »

Pimcore Platform Flaws Exposed Users to Code Execution

Supply Chain Security, Vulnerabilities /

Pimcore Platform Flaws Exposed Users to Code Execution 19/05/2023 at 23:09 By Ionut Arghire Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks. The post Pimcore Platform Flaws Exposed Users to Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Pimcore Platform Flaws Exposed Users to Code Execution Read More »

Scroll to Top