Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own 2024-03-25 at 12:33 By Ionut Arghire Firefox browser updates address two zero-day vulnerabilities exploited at the Pwn2Own hacking contest. The post Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own Read More »
Saflok Lock Vulnerability Can Be Exploited to Open Millions of Doors 2024-03-22 at 14:01 By Ionut Arghire Vulnerability in Dormakaba’s Saflok electronic locks allow hackers to forge keycards and open millions of doors. The post Saflok Lock Vulnerability Can Be Exploited to Open Millions of Doors appeared first on SecurityWeek. This article is an excerpt
Saflok Lock Vulnerability Can Be Exploited to Open Millions of Doors Read More »
Tesla, OS, Software Exploits Earn Hackers $1.1 Million at Pwn2Own 2024 2024-03-22 at 12:36 By Eduard Kovacs Exploits targeting Tesla cars, operating systems, and popular software earned participants over $1.1 million at Pwn2Own Vancouver 2024. The post Tesla, OS, Software Exploits Earn Hackers $1.1 Million at Pwn2Own 2024 appeared first on SecurityWeek. This article is
Tesla, OS, Software Exploits Earn Hackers $1.1 Million at Pwn2Own 2024 Read More »
Microsoft Patches Xbox Vulnerability Following Public Disclosure 2024-03-21 at 15:46 By Eduard Kovacs Microsoft patches Xbox Gaming Services vulnerability CVE-2024-28916 after initially saying it was not a security issue. The post Microsoft Patches Xbox Vulnerability Following Public Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Microsoft Patches Xbox Vulnerability Following Public Disclosure Read More »
GitHub Rolls Out ‘Code Scanning Autofix’ in Public Beta 2024-03-21 at 14:16 By Ionut Arghire GitHub’s code scanning autofix delivers remediation suggestions for two-thirds of the identified vulnerabilities. The post GitHub Rolls Out ‘Code Scanning Autofix’ in Public Beta appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
GitHub Rolls Out ‘Code Scanning Autofix’ in Public Beta Read More »
$200,000 Awarded at Pwn2Own 2024 for Tesla Hack 2024-03-21 at 11:46 By Eduard Kovacs Participants earned a total of $732,500 on the first day of Pwn2Own Vancouver 2024 for hacking a Tesla, operating systems, and other software. The post $200,000 Awarded at Pwn2Own 2024 for Tesla Hack appeared first on SecurityWeek. This article is an
$200,000 Awarded at Pwn2Own 2024 for Tesla Hack Read More »
Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server 2024-03-20 at 16:46 By Ionut Arghire Atlassian releases patches for two dozen vulnerabilities, including a critical-severity bug in Bamboo Data Center and Server. The post Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server appeared first on SecurityWeek. This article is an excerpt from
Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server Read More »
Chrome 123, Firefox 124 Patch Serious Vulnerabilities 2024-03-20 at 15:01 By Ionut Arghire Chrome and Firefox security updates released on Tuesday resolve a critical-severity and multiple high-severity vulnerabilities. The post Chrome 123, Firefox 124 Patch Serious Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Chrome 123, Firefox 124 Patch Serious Vulnerabilities Read More »
300,000 Systems Vulnerable to New Loop DoS Attack 2024-03-20 at 12:01 By Eduard Kovacs Academic researchers describe a new application-layer loop DoS attack affecting Broadcom, Honeywell, Microsoft and MikroTik. The post 300,000 Systems Vulnerable to New Loop DoS Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
300,000 Systems Vulnerable to New Loop DoS Attack Read More »
Aiohttp Vulnerability in Attacker Crosshairs 2024-03-19 at 12:23 By Eduard Kovacs A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group. The post Aiohttp Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Aiohttp Vulnerability in Attacker Crosshairs Read More »
New Attack Shows Risks of Browsers Giving Websites Access to GPU 2024-03-18 at 15:17 By Eduard Kovacs Researchers demonstrate remote GPU cache side-channel attack from within browsers against AMD and NVIDIA graphics cards. The post New Attack Shows Risks of Browsers Giving Websites Access to GPU appeared first on SecurityWeek. This article is an excerpt
New Attack Shows Risks of Browsers Giving Websites Access to GPU Read More »
Pentagon Received Over 50,000 Vulnerability Reports Since 2016 2024-03-18 at 15:17 By Ionut Arghire Since 2016, the US DoD has received over 50,000 submissions through its vulnerability disclosure program. The post Pentagon Received Over 50,000 Vulnerability Reports Since 2016 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Pentagon Received Over 50,000 Vulnerability Reports Since 2016 Read More »
PoC Published for Critical Fortra Code Execution Vulnerability 2024-03-18 at 13:46 By Ionut Arghire A critical directory traversal vulnerability in Fortra FileCatalyst Workflow could lead to remote code execution. The post PoC Published for Critical Fortra Code Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
PoC Published for Critical Fortra Code Execution Vulnerability Read More »
Discontinued Security Plugins Expose Many WordPress Sites to Takeover 2024-03-15 at 14:17 By Ionut Arghire Thousands of WordPress sites are at risk of takeover due to a critical privilege escalation vulnerability in two closed MiniOrange plugins. The post Discontinued Security Plugins Expose Many WordPress Sites to Takeover appeared first on SecurityWeek. This article is an
Discontinued Security Plugins Expose Many WordPress Sites to Takeover Read More »
Cisco Patches High-Severity IOS RX Vulnerabilities 2024-03-14 at 15:43 By Ionut Arghire Cisco releases patches for high-severity denial-of-service and elevation of privilege vulnerabilities in IOS RX software. The post Cisco Patches High-Severity IOS RX Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Cisco Patches High-Severity IOS RX Vulnerabilities Read More »
Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints 2024-03-14 at 14:01 By Ionut Arghire A high-severity Kubernetes vulnerability tracked as CVE-2023-5528 can be exploited to execute arbitrary code on Windows endpoints. The post Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Kubernetes Vulnerability Allows Remote Code Execution on Windows Endpoints Read More »
Fortinet Patches Critical Vulnerabilities Leading to Code Execution 2024-03-13 at 12:33 By Ionut Arghire Fortinet has released patches for critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. The post Fortinet Patches Critical Vulnerabilities Leading to Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Fortinet Patches Critical Vulnerabilities Leading to Code Execution Read More »
Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server 2024-03-12 at 21:51 By Ryan Naraine Microsoft ships patches for at least 60 security vulnerabilities in the Windows ecosystem and warned of remote code execution risks. The post Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server appeared first on SecurityWeek. This article is
Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server Read More »
SAP Patches Critical Command Injection Vulnerabilities 2024-03-12 at 20:21 By Ionut Arghire Enterprise software maker SAP documents multiple critical-severity issues and warns of risk of command injection attacks. The post SAP Patches Critical Command Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
SAP Patches Critical Command Injection Vulnerabilities Read More »
Google Paid Out $10 Million via Bug Bounty Programs in 2023 2024-03-12 at 20:21 By Eduard Kovacs Google paid out $10 million via its bug bounty programs in 2023, bringing the total to nearly $60 million since 2010. The post Google Paid Out $10 Million via Bug Bounty Programs in 2023 appeared first on SecurityWeek.
Google Paid Out $10 Million via Bug Bounty Programs in 2023 Read More »